VYPR

rpm package

opensuse/python-rpm&distro=openSUSE Leap 15.6

pkg:rpm/opensuse/python-rpm&distro=openSUSE%20Leap%2015.6

Vulnerabilities (1)

  • CVE-2021-3521Aug 22, 2022
    affected < 4.14.3-150400.59.16.1fixed 4.14.3-150400.59.16.1

    There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a "binding signature." RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a ma