Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-3421

Опубликовано: 19 мая 2021
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4.3
CVSS3: 5.5

Описание

A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
devel

not-affected

4.17.0+dfsg1-1
esm-apps/bionic

released

4.14.1+dfsg1-2ubuntu0.1~esm1
esm-apps/focal

released

4.14.2.1+dfsg1-1ubuntu0.1~esm1
esm-apps/jammy

not-affected

4.17.0+dfsg1-1
esm-apps/noble

not-affected

4.17.0+dfsg1-1
esm-apps/xenial

released

4.12.0.1+dfsg1-3ubuntu0.1~esm1
esm-infra-legacy/trusty

needed

focal

ignored

end of standard support, was needed
groovy

ignored

end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 15%
0.00048
Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-3421

CVSS3: 4.7
redhat
почти 5 лет назад

A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.

nvd логотип

CVE-2021-3421

CVSS3: 5.5
nvd
больше 4 лет назад

A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.

msrc логотип

CVE-2021-3421

CVSS3: 5.5
msrc
больше 4 лет назад

A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.

debian логотип

CVE-2021-3421

CVSS3: 5.5
debian
больше 4 лет назад

A flaw was found in the RPM package in the read functionality. This fl ...

github логотип

GHSA-f7ww-c7v4-g682

CVSS3: 5.5
github
больше 3 лет назад

A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.

EPSS

Процентиль: 15%
0.00048
Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3