RSS   Vulnerabilities for 'YUM'   RSS

2014-01-26
 
CVE-2014-0022

CWE-20
 

 
The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package.

 


Copyright 2019, cxsecurity.com

 

Back to Top