Количество 7
Количество 7
GHSA-64jx-m9pq-gr8c
A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built.
CVE-2024-2307
A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built.
CVE-2024-2307
A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built.
RLSA-2024:2961
Moderate: Image builder components bug fix, enhancement and security update
ELSA-2024-2961
ELSA-2024-2961: Image builder components bug fix, enhancement and security update (MODERATE)
ELSA-2024-2119
ELSA-2024-2119: Image builder components bug fix, enhancement and security update (MODERATE)
BDU:2024-02720
Уязвимость службы для создания загрузочных образов операционной системы OSBuild Composer, связанная с некорректной проверкой криптографической подписи, позволяющая нарушителю реализовать атаку «человек посередине»
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-64jx-m9pq-gr8c A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built. | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
 | CVE-2024-2307 A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built. | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
 | CVE-2024-2307 A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built. | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
 | RLSA-2024:2961 Moderate: Image builder components bug fix, enhancement and security update | 0% Низкий | около 1 года назад | |
| ELSA-2024-2961 ELSA-2024-2961: Image builder components bug fix, enhancement and security update (MODERATE) | около 1 года назад | ||
| ELSA-2024-2119 ELSA-2024-2119: Image builder components bug fix, enhancement and security update (MODERATE) | больше 1 года назад | ||
 | BDU:2024-02720 Уязвимость службы для создания загрузочных образов операционной системы OSBuild Composer, связанная с некорректной проверкой криптографической подписи, позволяющая нарушителю реализовать атаку «человек посередине» | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу