VYPR
Unrated severityNVD Advisory· Published Jan 26, 2014· Updated Jun 17, 2026

CVE-2014-0022

CVE-2014-0022

Description

The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Baseurl/Yum4 versions
    cpe:2.3:a:baseurl:yum:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:baseurl:yum:*:*:*:*:*:*:*:*range: <=3.4.3
    • cpe:2.3:a:baseurl:yum:3.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:baseurl:yum:3.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:baseurl:yum:3.4.2:*:*:*:*:*:*:*
  • Zippyyum/Yumllm-create
    Range: <=3.4.3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.