Количество 2
Количество 2
CVE-2016-20021
около 2 лет назад
In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable.
CVSS3: 9.8
EPSS: Низкий
GHSA-pw5x-x5jw-ccmh
около 2 лет назад
Gentoo Portage missing PGP validation of executed code
CVSS3: 9.8
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-20021 In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable. | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
| GHSA-pw5x-x5jw-ccmh Gentoo Portage missing PGP validation of executed code | CVSS3: 9.8 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу
20