Lucene search

K
alpinelinuxAlpine Linux Development TeamALPINE:CVE-2016-20011
HistoryMay 25, 2021 - 9:15 p.m.

CVE-2016-20011

2021-05-2521:15:07
Alpine Linux Development Team
security.alpinelinux.org
22
libgrss security bypass remote attackers manipulation feeds soupsessionsyncunix

AI Score

6.7

Confidence

High

EPSS

0.003

Percentile

70.2%

libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents of feeds without detection. This occurs because of the default behavior of SoupSessionSync.

AI Score

6.7

Confidence

High

EPSS

0.003

Percentile

70.2%