Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-0149

Malicious code in bioql PyPI...

9.8CVSS9AI score0.00464EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/05/22 11:40 a.m.6 views

CVE-2016-20021

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...

9.8CVSS6.8AI score0.00464EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2024/01/12 3:30 a.m.23 views

Gentoo Portage missing PGP validation of executed code

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification...

9.8CVSS6.8AI score0.00464EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2024/01/12 3:15 a.m.18 views

CVE-2016-20021

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...

9.8CVSS9.5AI score
Exploits0References3
NVD
NVD
added 2024/01/12 3:15 a.m.26 views

CVE-2016-20021

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...

9.8CVSS9.5AI score0.00464EPSS
Exploits0References3
PyPA
PyPA
added 2024/01/12 3:15 a.m.5 views

PYSEC-2024-10

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...

9.8CVSS6.8AI score0.00464EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/01/12 3:15 a.m.51 views

PYSEC-2024-10

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...

9.8CVSS9.5AI score0.00464EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/01/12 12:0 a.m.1 views

PT-2024-10576 · Gentoo · Gentoo Portage

Name of the Vulnerable Software and Affected Versions: Gentoo Portage versions prior to 3.0.47 Description: The issue concerns missing PGP validation of executed code. Specifically, the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. This issue doe...

9.8CVSS9.3AI score0.00464EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2024/01/12 12:0 a.m.3 views

CVE-2016-20021

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...

9.5AI score0.00464EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/01/12 12:0 a.m.28 views

CVE-2016-20021

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...

9.6AI score0.00464EPSS
Exploits0References3
Rows per page
Query Builder