Reproducible Builds Diffoscope — known CVE vulnerabilities
Every CVE whose affected-product data names Reproducible Builds Diffoscope, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2017-0359 — CVSS 9.8 (critical): diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive.
CVE-2024-25711 — CVSS 7.5 (high): diffoscope before 256 allows directory traversal via an embedded filename in a GPG file. Contents of any file, such as ../.ssh/id_rsa, may…