Browse all 6 CVE security advisories affecting Repox. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Repox is a software tool primarily used for package repository management, enabling organizations to host and distribute software packages internally. Historically, it has been susceptible to multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues, as evidenced by its six recorded CVEs. These vulnerabilities often stem from insufficient input validation and improper access controls in web interfaces and API endpoints. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities in core functionality suggests a need for rigorous security hardening and regular patching to prevent potential exploitation in enterprise environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-6723 | Unrestricted Upload of File with Dangerous Type in Repox — Repox (CWE-434) | 10.0 | Critical | 2023-12-13 |
| CVE-2023-6722 | Relative Path Traversal in Repox — Repox (CWE-23) | 7.5 | High | 2023-12-13 |
| CVE-2023-6721 | Improper Restriction of XML External Entity Reference in Repox — Repox (CWE-611) | 8.3 | High | 2023-12-13 |
| CVE-2023-6720 | Cross-site Scripting in Repox — Repox (CWE-79) | 5.5 | Medium | 2023-12-13 |
| CVE-2023-6719 | Cross-site Scripting in Repox — Repox (CWE-79) | 6.3 | Medium | 2023-12-13 |
| CVE-2023-6718 | Authentication Bypass Using an Alternate Path or Channel in Repox — Repox (CWE-288) | 9.4 | Critical | 2023-12-13 |
This page lists every published CVE security advisory associated with Repox. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.