CVE-2015-3406

Опубликовано: 05 апр. 2015

Источник: redhat

CVSS2: 5.1

Описание

The PGP signature parsing in Module::Signature before 0.74 allows remote attackers to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 7	perl-Module-Signature	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-347

https://bugzilla.redhat.com/show_bug.cgi?id=1209911perl-Module-Signature: unsigned files interpreted as signed in some circumstances

5.1 Medium

CVSS2

Связанные уязвимости

CVE-2015-3406

CVSS3: 7.5

ubuntu

около 6 лет назад

The PGP signature parsing in Module::Signature before 0.74 allows remote attackers to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors.

CVE-2015-3406

CVSS3: 7.5

nvd

около 6 лет назад

The PGP signature parsing in Module::Signature before 0.74 allows remote attackers to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors.

CVE-2015-3406

CVSS3: 7.5

debian

около 6 лет назад

The PGP signature parsing in Module::Signature before 0.74 allows remo ...

GHSA-2jr6-2g4g-4jhj

github

больше 3 лет назад

The PGP signature parsing in Module::Signature before 0.74 allows remote attackers to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors.

5.1 Medium

CVSS2