exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

CVE-2024-2307

больше 1 года назад

A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built.

CVSS3: 6.1

EPSS: Низкий

CVE-2024-2307

больше 1 года назад

A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built.

CVSS3: 6.1

EPSS: Низкий

RLSA-2024:2961

около 1 года назад

Moderate: Image builder components bug fix, enhancement and security update

EPSS: Низкий

GHSA-64jx-m9pq-gr8c

больше 1 года назад

A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built.

CVSS3: 6.1

EPSS: Низкий

ELSA-2024-2961

около 1 года назад

ELSA-2024-2961: Image builder components bug fix, enhancement and security update (MODERATE)

EPSS: Низкий

ELSA-2024-2119

больше 1 года назад

ELSA-2024-2119: Image builder components bug fix, enhancement and security update (MODERATE)

EPSS: Низкий

BDU:2024-02720

больше 1 года назад

Уязвимость службы для создания загрузочных образов операционной системы OSBuild Composer, связанная с некорректной проверкой криптографической подписи, позволяющая нарушителю реализовать атаку «человек посередине»

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-2307 A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built.	CVSS3: 6.1	0% Низкий	больше 1 года назад
CVE-2024-2307 A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built.	CVSS3: 6.1	0% Низкий	больше 1 года назад
RLSA-2024:2961 Moderate: Image builder components bug fix, enhancement and security update		0% Низкий	около 1 года назад
GHSA-64jx-m9pq-gr8c A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built.	CVSS3: 6.1	0% Низкий	больше 1 года назад
ELSA-2024-2961 ELSA-2024-2961: Image builder components bug fix, enhancement and security update (MODERATE)			около 1 года назад
ELSA-2024-2119 ELSA-2024-2119: Image builder components bug fix, enhancement and security update (MODERATE)			больше 1 года назад
BDU:2024-02720 Уязвимость службы для создания загрузочных образов операционной системы OSBuild Composer, связанная с некорректной проверкой криптографической подписи, позволяющая нарушителю реализовать атаку «человек посередине»	CVSS3: 6.1	0% Низкий	больше 1 года назад

Уязвимостей на страницу