11 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-45143
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Undici is an HTTP/1.1 client written from scratch for Node.js. Prior to version 5.26.2, Undici already cleared Authorization headers on cross-origin redirects,...
OESA-2021-1224 libdnf security update
A Library providing simplified C and Python API to libsolv. Security Fixes: A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick...
DEBIAN-CVE-2021-3445
A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability...
PT-2021-4276 · Libdnf +6
Name of the Vulnerable Software and Affected Versions: libdnf versions prior to 0.60.1 Description: The issue is related to an error in the signature verification function of the libdnf library, which manages packages. This could allow a remote attacker to access confidential data, compromise its...
Ubuntu 10.04 LTS / 11.10 / 12.04 LTS : rpm vulnerabilities (USN-1695-1)
It was discovered that RPM incorrectly handled certain package headers. If a user or automated system were tricked into installing a specially crafted RPM package, an attacker could cause RPM to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network...
Mandriva Update for rpm MDVSA-2012:056 (rpm)
Check for the Version of rpm OpenVAS Vulnerability Test Mandriva Update for rpm MDVSA-2012:056 rpm Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
GLSA-201206-26 : RPM: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201206-26 (RPM: Multiple vulnerabilities). Multiple vulnerabilities have been found in RPM: fsm.c fails to properly strip setuid and setgid bits from executable files during a package upgrade (CVE-2010-2059). RPM does not properly pars...
Mandriva Linux Security Advisory : rpm (MDVSA-2012:056)
Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library to crash or, potentially, execute...
Important: Red Hat Security Advisory: rpm security update
Updated rpm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6; Red Hat Enterprise Linux 3 and 4 Extended Life Cycle Support; Red Hat Enterprise Linux 5.3 Long Life; and Red Hat Enterprise Linux 5.6, 6.0 and 6.1 Extended Update Support. The Red Hat...
Medium: rpm
Issue Overview: Multiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially-crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code. CVE-2011-3378 Affected Packages: rpm Issue...
Fedora 15 : rpm-4.9.1.2-1.fc15 (2011-13785)
This update fixes some crashes which can occur when reading malformed package headers. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible withou...