VYPR

Yum

by Zippyyum

CVEs (2)

  • CVE-2013-1910Oct 31, 2019
    risk 0.00cvss epss 0.03

    yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository.

  • CVE-2014-0022Jan 26, 2014
    risk 0.00cvss epss 0.02

    The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package.