72 matches found
EulerOS 2.0 SP9 : libdnf (EulerOS-SA-2021-2555)
According to the versions of the libdnf packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code...
Huawei EulerOS: Security Advisory for libdnf (EulerOS-SA-2021-2468)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : libdnf (EulerOS-SA-2021-2468)
According to the versions of the libdnf packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code...
openSUSE 15 Security Update : libdnf (openSUSE-SU-2021:2685-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2685-1 advisory. - A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a vict...
openSUSE: Security Advisory for libdnf (openSUSE-SU-2021:2685-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2021:2685-1 Security update for libdnf
This update for libdnf fixes the following issues: - Fixed crash when loading DVD repositories Update to 0.62.0 + Change order of TransactionItemReason rh1921063 + Add two new comperators for security filters rh1918475 + Apply security filters for candidates with lower priority + Fix: Goal -...
Security update for libdnf (moderate)
openSUSE Security Update: Security update for libdnf Announcement ID: openSUSE-SU-2021:2685-1 Rating: moderate References: 1183779 Cross-References: CVE-2021-20271 CVE-2021-3421 CVE-2021-3445 CVSS scores: CVE-2021-20271 NVD : 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-20271 SUSE: 3.3...
CVE-2021-3445 affecting package libdnf 0.43.1-2
CVE-2021-3445 affecting package libdnf 0.43.1-2. A patched version of the package is available...
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability is to confidentiality integrity as well as system availability.
...
DEBIAN-CVE-2021-3445
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability...
CVE-2021-3445
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability...
CVE-2021-3445
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability...
CVE-2021-3445
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability...
Design/Logic Flaw
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability...
UBUNTU-CVE-2021-3445
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability...
CVE-2021-3445
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability...
CVE-2021-3445
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability...
CVE-2021-3445
CVE-2021-3445 affects Cloud Pak for Security (CP4S) with vulnerability in libdnf signature verification. The IBM security bulletin details that an attacker who is able to place a signature in the main header could achieve remote code execution on CP4S. Affected CP4S versions in this report are 1....
dnf bug fix and enhancement update
An update is available for libcomps, dnf-plugins-core, dnf, libdnf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this...
Red Hat libdnf 数据伪造问题漏洞
Red Hat libdnf is an application from Red Hat USA. provides a library that provides a simplified C and Python API for libsolv. A data forgery vulnerability exists in libdnf, which arises from the signature feature allowing an attacker to achieve code execution...