Lucene search
+L

Incorrect signature verification on gzip-compressed install images

🗓️ 04 Mar 2022 12:00:00Reported by rustsecType 
rustsec
 rustsec
🔗 rustsec.org👁 4 Views

A gzip wrapper flaw lets the signature be bypassed with gzip images in coreos-installer provisioning.

Related
Detection
ReporterTitlePublishedViews
Family
circl
CVE-2021-20319
4 Mar 202220:30
circl
cnnvd
coreos-installer 数据伪造问题漏洞
20 Oct 202100:00
cnnvd
cve
CVE-2021-20319
4 Mar 202217:05
cve
cvelist
CVE-2021-20319
4 Mar 202217:05
cvelist
euvd
EUVD-2021-2149
7 Oct 202500:30
euvd
fedora
[SECURITY] Fedora 33 Update: rust-coreos-installer-0.10.1-2.fc33
20 Oct 202119:26
fedora
fedora
[SECURITY] Fedora 34 Update: rust-coreos-installer-0.10.1-1.fc34
20 Oct 202119:23
fedora
fedora
[SECURITY] Fedora 35 Update: rust-coreos-installer-0.10.1-1.fc35
29 Oct 202123:25
fedora
github
coreos-installer improperly verifies GPG signature when decompressing gzipped artifact
12 Oct 202116:06
github
nvd
CVE-2021-20319
4 Mar 202218:15
nvd
Rows per page
Vulners
Node
coreoscoreos-installerRange0.0.00.10.1rust

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation