Critical Vulnerabilities in Fedora's Pagure Platform Expose Supply Chain Attack Risks

Security researchers discovered multiple critical vulnerabilities in Fedora's Pagure code hosting platform that could enable supply chain attacks through malicious code injection. The most severe flaw allowed attackers to compromise repositories and package specifications, leading Fedora to patch the issues and plan migration to Forgejo.