CVE-2020-16155

Опубликовано: 13 дек. 2021

Источник: debian

EPSS Низкий

Описание

The CPAN::Checksums package 2.12 for Perl does not uniquely define signed data.

Пакет	Статус	Версия исправления	Релиз	Тип
libcpan-checksums-perl	fixed	2.13-1		package
libcpan-checksums-perl	no-dsa		bullseye	package
libcpan-checksums-perl	no-dsa		buster	package
libcpan-checksums-perl	no-dsa		stretch	package

https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://github.com/andk/cpan-checksums/commit/9d2f5f26470ff7ce53ef697d09790fc4db451ab1 (2.13)

EPSS

Процентиль: 42%

0.00203

Низкий

CVE-2020-16155

CVSS3: 6.5

ubuntu

около 4 лет назад

The CPAN::Checksums package 2.12 for Perl does not uniquely define signed data.

CVE-2020-16155

CVSS3: 6.5

nvd

около 4 лет назад

The CPAN::Checksums package 2.12 for Perl does not uniquely define signed data.

GHSA-7c2g-m3j2-jrgq

github

около 4 лет назад

The CPAN::Checksums package 2.12 for Perl does not uniquely define signed data.

EPSS

Процентиль: 42%

0.00203

Низкий