Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-9269

Опубликовано: 01 мар. 2018
Источник: nvd
CVSS3: 7.7
CVSS3: 9.8
CVSS2: 7.5
EPSS Низкий

Описание

In libzypp before August 2018 GPG keys attached to YUM repositories were not correctly pinned, allowing malicious repository mirrors to silently downgrade to unsigned repositories with potential malicious content.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:opensuse:libzypp:-:*:*:*:*:*:*:*

EPSS

Процентиль: 63%
0.00451
Низкий

7.7 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-757
CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2017-9269

CVSS3: 7.7
ubuntu
почти 8 лет назад

In libzypp before August 2018 GPG keys attached to YUM repositories were not correctly pinned, allowing malicious repository mirrors to silently downgrade to unsigned repositories with potential malicious content.

debian логотип

CVE-2017-9269

CVSS3: 7.7
debian
почти 8 лет назад

In libzypp before August 2018 GPG keys attached to YUM repositories we ...

github логотип

GHSA-fvp9-wx3h-666q

CVSS3: 9.8
github
больше 3 лет назад

In libzypp before August 2018 GPG keys attached to YUM repositories were not correctly pinned, allowing malicious repository mirrors to silently downgrade to unsigned repositories with potential malicious content.

suse-cvrf логотип

openSUSE-SU-2018:2739-1

suse-cvrf
больше 7 лет назад

Security update for libzypp, zypper

suse-cvrf логотип

SUSE-SU-2018:2814-1

suse-cvrf
больше 7 лет назад

Security update for libzypp, zypper

EPSS

Процентиль: 63%
0.00451
Низкий

7.7 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-757
CWE-20