Описание
The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method.
Отчет
Not vulnerable. This issue did not affect the version of PackageKit in Red Hat Enterprise Linux, as Zypper support was not included.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | PackageKit | Not affected | ||
| Red Hat Enterprise Linux 7 | PackageKit | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
2.1 Low
CVSS2
Связанные уязвимости
The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method.
The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method.
The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local ...
The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method.
EPSS
2.1 Low
CVSS2