CVE-2019-4427
CVE-2019-4427 affects IBM Cloud CLI Windows installers (versions 0.6.0–0.16.1); the installers are signed with a SHA-1 certificate. The weak signing algorithm could allow an attacker to generate a tampered installer containing malware. IBM’s advisory lists the affected range and recommends upgrad...