VYPR

rpm package

suse/rpm&distro=SUSE Linux Enterprise Module for Development Tools 15

pkg:rpm/suse/rpm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015

Vulnerabilities (1)

  • CVE-2017-7500HigAug 13, 2018
    affected < 4.14.1-10.3.1fixed 4.14.1-10.3.1

    It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write acces