VYPR

rpm package

opensuse/libdnf&distro=openSUSE Leap 15.3

pkg:rpm/opensuse/libdnf&distro=openSUSE%20Leap%2015.3

Vulnerabilities (3)

  • CVE-2021-3445May 19, 2021
    affected < 0.62.0-5.3.1fixed 0.62.0-5.3.1

    A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of t

  • CVE-2021-3421May 19, 2021
    affected < 0.62.0-5.3.1fixed 0.62.0-5.3.1

    A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data

  • CVE-2021-20271Mar 26, 2021
    affected < 0.62.0-5.3.1fixed 0.62.0-5.3.1

    A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highe