Package impact
PyPI / diffoscope
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-0359 | medium | — | 5.5 | 8y ago | diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive. | |||
| CVE-2024-25711 | unknown | — | — | 2y ago | diffoscope before 256 allows directory traversal via an embedded filename in a GPG file. Contents of any file, such as ../.ssh/id_rsa, may be disclosed to an attacker. This occurs because the value o… |