Redhat Package Manager
by Red Hat
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-2204 | 0.00 | — | 0.02 | Dec 31, 2002 | The default --checksig setting in RPM Package Manager 4.0.4 checks that a package's signature is valid without listing who signed it, which can allow remote attackers to make it appear that a malicious package comes from a trusted source. | |||
| CVE-2001-0923 | 0.00 | — | 0.01 | Oct 25, 2001 | RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to execute arbitrary code via corrupted data in the RPM file when the file is queried. |
- CVE-2002-2204Dec 31, 2002risk 0.00cvss —epss 0.02
The default --checksig setting in RPM Package Manager 4.0.4 checks that a package's signature is valid without listing who signed it, which can allow remote attackers to make it appear that a malicious package comes from a trusted source.
- CVE-2001-0923Oct 25, 2001risk 0.00cvss —epss 0.01
RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to execute arbitrary code via corrupted data in the RPM file when the file is queried.