Filtered by vendor Reproducible Builds
Subscriptions
Filtered by product Diffoscope
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-25711 | 2 Fedoraproject, Reproducible Builds | 2 Fedora, Diffoscope | 2025-05-28 | 7.1 High |
| diffoscope before 256 allows directory traversal via an embedded filename in a GPG file. Contents of any file, such as ../.ssh/id_rsa, may be disclosed to an attacker. This occurs because the value of the gpg --use-embedded-filenames option is trusted. | ||||
| CVE-2017-0359 | 2 Debian, Reproducible Builds | 2 Debian Linux, Diffoscope | 2024-11-21 | 9.8 Critical |
| diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive. | ||||
Page 1 of 1.