Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-7435

Опубликовано: 01 мар. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 9.3
CVSS3: 8.1

Описание

In libzypp before 20170803 it was possible to add unsigned YUM repositories without warning to the user that could lead to man in the middle or malicious servers to inject malicious RPM packages into a users system.

РелизСтатусПримечание
artful

ignored

end of life
bionic

DNE

cosmic

not-affected

17.6.1-1
devel

not-affected

17.6.1-1
disco

not-affected

17.6.1-1
eoan

not-affected

17.6.1-1
esm-apps/focal

not-affected

17.6.1-1
esm-apps/jammy

not-affected

17.6.1-1
esm-apps/noble

not-affected

17.6.1-1
esm-apps/xenial

needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 66%
0.00521
Низкий

9.3 Critical

CVSS2

8.1 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2017-7435

CVSS3: 8.1
nvd
почти 8 лет назад

In libzypp before 20170803 it was possible to add unsigned YUM repositories without warning to the user that could lead to man in the middle or malicious servers to inject malicious RPM packages into a users system.

debian логотип

CVE-2017-7435

CVSS3: 8.1
debian
почти 8 лет назад

In libzypp before 20170803 it was possible to add unsigned YUM reposit ...

github логотип

GHSA-gvfg-vcp7-gmf9

CVSS3: 8.1
github
больше 3 лет назад

In libzypp before 20170803 it was possible to add unsigned YUM repositories without warning to the user that could lead to man in the middle or malicious servers to inject malicious RPM packages into a users system.

suse-cvrf логотип

openSUSE-SU-2017:2335-1

suse-cvrf
больше 8 лет назад

Security update for libzypp

suse-cvrf логотип

openSUSE-SU-2017:2111-1

suse-cvrf
больше 8 лет назад

Security update for libzypp, zypper

EPSS

Процентиль: 66%
0.00521
Низкий

9.3 Critical

CVSS2

8.1 High

CVSS3