Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
diffoscope vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-0359
diffoscope prior to 77 writes to arbitrary locations on disk based on the contents of an untrusted archive.
Reproducible Builds Diffoscope
Debian Debian Linux 9.0
NA
CVE-2024-25711
diffoscope prior to 256 allows directory traversal via an embedded filename in a GPG file. Contents of any file, such as ../.ssh/id_rsa, may be disclosed to an attacker. This occurs because the value of the gpg --use-embedded-filenames option is trusted.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started