Описание
The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 does not return an error code in certain situations involving an "unparseable signature," which allows remote attackers to bypass RPM signature checks via a crafted package.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4.10.1-2.1 |
| hardy | ignored | end of life |
| lucid | not-affected | 4.7.2-1lbuild1 |
| oneiric | not-affected | 4.9.0-7 |
| precise | not-affected | 4.9.1.1-1build1 |
| quantal | released | 4.10.0-4ubuntu0.1 |
| upstream | released | 4.10.2 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 does not return an error code in certain situations involving an "unparseable signature," which allows remote attackers to bypass RPM signature checks via a crafted package.
The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 does not return an error code in certain situations involving an "unparseable signature," which allows remote attackers to bypass RPM signature checks via a crafted package.
The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 d ...
The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 does not return an error code in certain situations involving an "unparseable signature," which allows remote attackers to bypass RPM signature checks via a crafted package.
EPSS
4.3 Medium
CVSS2