VYPR

rpm package

suse/python-rpm&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

pkg:rpm/suse/python-rpm&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS

Vulnerabilities (1)

  • CVE-2021-3521Aug 22, 2022
    affected < 4.14.3-150400.59.16.1fixed 4.14.3-150400.59.16.1

    There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a "binding signature." RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a ma