jfrog-cli was added to epel9 repo on 2025-08-29
Page updated: 2026-02-19 11:33
Repo Status -
Overall Status
Source NVR: jfrog-cli-2.78.3-2.el9 (2025-08-29)
| jfrog-cli | jfrog-cli-2.78.3-2.el9 |
| 2403136 | NEW | CVE-2025-11579 jfrog-cli: RarDecode Out Of Memory Crash [epel-9] |
| 2420569 | NEW | CVE-2025-47913 jfrog-cli: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [epel-9] |
| 2421867 | ASSIGNED | CVE-2025-66564 jfrog-cli: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing [epel-9] |
| 2432197 | NEW | CVE-2026-23831 jfrog-cli: Rekor denial of service [epel-9] |
| 2433101 | NEW | CVE-2026-23991 jfrog-cli: go-tuf client DoS via malformed server response [epel-9] |
| 2433104 | NEW | CVE-2026-23992 jfrog-cli: go-tuf improperly validates the configured threshold for delegations [epel-9] |
| 2433535 | NEW | CVE-2026-24117 jfrog-cli: Rekor Server-Side Request Forgery (SSRF) [epel-9] |
| 2433572 | NEW | CVE-2026-24137 jfrog-cli: sigstore legacy TUF client allows for arbitrary file writes with target cache path traversal [epel-9] |
| 2434246 | NEW | CVE-2026-24686 jfrog-cli: go-tuf Path Traversal in TAP 4 Multirepo Client Allows Arbitrary File Write via Malicious Repository Names [epel-9] |