VYPR
Unrated severityNVD Advisory· Published Jan 18, 2013· Updated Jun 16, 2026

CVE-2012-6088

CVE-2012-6088

Description

The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 does not return an error code in certain situations involving an "unparseable signature," which allows remote attackers to bypass RPM signature checks via a crafted package.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Rpm/Rpm3 versions
    cpe:2.3:a:rpm:rpm:4.10.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:rpm:rpm:4.10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:rpm:rpm:4.10.1:*:*:*:*:*:*:*
    • (no CPE)range: <4.10.2

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.