Search criteria
63 vulnerabilities found for rpm by rpm
FKIE_CVE-2021-35939
Vulnerability from fkie_nvd - Published: 2022-08-26 16:15 - Updated: 2024-11-21 06:12
Severity ?
Summary
It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rpm | rpm | * | |
| redhat | enterprise_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "582D14B9-3812-42FD-9FA3-2BDEAA02DD6C",
"versionEndExcluding": "4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
},
{
"lang": "es",
"value": "Se ha detectado que la correcci\u00f3n de CVE-2017-7500 y CVE-2017-7501 era incompleta: la comprobaci\u00f3n s\u00f3lo es implementada para el directorio padre del archivo que iba a crearse. Un usuario local no privilegiado que posea otro directorio antecesor podr\u00eda usar este fallo para conseguir privilegios de root. La mayor amenaza de esta vulnerabilidad es para la confidencialidad e integridad de los datos, as\u00ed como para la disponibilidad del sistema."
}
],
"id": "CVE-2021-35939",
"lastModified": "2024-11-21T06:12:47.457",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-26T16:15:08.683",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-35939"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964129"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/commit/96ec957e281220f8e137a2d5eb23b83a6377d556"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/pull/1919"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-35939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/commit/96ec957e281220f8e137a2d5eb23b83a6377d556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/pull/1919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
FKIE_CVE-2021-35937
Vulnerability from fkie_nvd - Published: 2022-08-25 20:15 - Updated: 2024-11-21 06:12
Severity ?
Summary
A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rpm | rpm | * | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 | |
| fedoraproject | fedora | 34 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E92EAAF-D2B5-458B-BBF4-363FD16D3931",
"versionEndExcluding": "4.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de condici\u00f3n de carrera en rpm. Un usuario local no privilegiado podr\u00eda usar este fallo para omitir las comprobaciones introducidas en respuesta a CVE-2017-7500 y CVE-2017-7501, obteniendo potencialmente privilegios de root. La mayor amenaza de esta vulnerabilidad es para la confidencialidad e integridad de los datos, as\u00ed como para la disponibilidad del sistema."
}
],
"id": "CVE-2021-35937",
"lastModified": "2024-11-21T06:12:47.177",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T20:15:09.243",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-35937"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964125"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.usenix.org/legacy/event/sec05/tech/full_papers/borisov/borisov.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-35937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.usenix.org/legacy/event/sec05/tech/full_papers/borisov/borisov.pdf"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-35938
Vulnerability from fkie_nvd - Published: 2022-08-25 20:15 - Updated: 2024-11-21 06:12
Severity ?
Summary
A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rpm | rpm | * | |
| fedoraproject | fedora | 34 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E92EAAF-D2B5-458B-BBF4-363FD16D3931",
"versionEndExcluding": "4.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
},
{
"lang": "es",
"value": "Se ha encontrado un problema de enlaces simb\u00f3licos en rpm. Es producido cuando rpm establece los permisos y credenciales deseados despu\u00e9s de instalar un archivo. Un usuario local no privilegiado podr\u00eda usar este fallo para cambiar el archivo original por un enlace simb\u00f3lico a un archivo cr\u00edtico para la seguridad y escalar sus privilegios en el sistema. La mayor amenaza de esta vulnerabilidad es para la confidencialidad e integridad de los datos, as\u00ed como para la disponibilidad del sistema."
}
],
"id": "CVE-2021-35938",
"lastModified": "2024-11-21T06:12:47.313",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-25T20:15:09.307",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-35938"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964114"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157880"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/commit/25a435e90844ea98fe5eb7bef22c1aecf3a9c033"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/pull/1919"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-35938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/commit/25a435e90844ea98fe5eb7bef22c1aecf3a9c033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/pull/1919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-3521
Vulnerability from fkie_nvd - Published: 2022-08-22 15:15 - Updated: 2024-11-21 06:21
Severity ?
Summary
There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a "binding signature." RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey to a legitimate public key, RPM could wrongly trust a malicious signature. The greatest impact of this flaw is to data integrity. To exploit this flaw, an attacker must either compromise an RPM repository or convince an administrator to install an untrusted RPM or public key. It is strongly recommended to only use RPMs and public keys from trusted sources.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1074C3F6-BFE3-45EC-B03B-F39E7DC4E323",
"versionEndExcluding": "4.17.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a flaw in RPM\u0027s signature functionality. OpenPGP subkeys are associated with a primary key via a \"binding signature.\" RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey to a legitimate public key, RPM could wrongly trust a malicious signature. The greatest impact of this flaw is to data integrity. To exploit this flaw, an attacker must either compromise an RPM repository or convince an administrator to install an untrusted RPM or public key. It is strongly recommended to only use RPMs and public keys from trusted sources."
},
{
"lang": "es",
"value": "Se presenta un fallo en la funcionalidad de firma de RPM. Las subclaves OpenPGP se asocian a una clave primaria por medio de una \"firma vinculante\". RPM no comprueba la firma vinculante de las subclaves antes de importarlas. Si un atacante es capaz de a\u00f1adir o hacer ingenier\u00eda social para que otra parte a\u00f1ada una subclave maliciosa a una clave p\u00fablica leg\u00edtima, RPM podr\u00eda confiar err\u00f3neamente en una firma maliciosa. El mayor impacto de este fallo es la integridad de los datos. Para explotar este fallo, un atacante debe comprometer un repositorio de RPM o convencer a un administrador para que instale un RPM o una clave p\u00fablica que no sean confiables. Es recomendado encarecidamente usar s\u00f3lo RPMs y claves p\u00fablicas de fuentes confiables."
}
],
"id": "CVE-2021-3521",
"lastModified": "2024-11-21T06:21:45.260",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-22T15:15:13.473",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3521"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941098"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/commit/bd36c5dc9fb6d90c46fbfed8c2d67516fc571ec8"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/pull/1795/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/commit/bd36c5dc9fb6d90c46fbfed8c2d67516fc571ec8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/pull/1795/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
FKIE_CVE-2021-3421
Vulnerability from fkie_nvd - Published: 2021-05-19 14:15 - Updated: 2024-11-21 06:21
Severity ?
Summary
A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rpm | rpm | * | |
| redhat | enterprise_linux | 8.0 | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E210A7F5-C9AD-41DB-8E5A-2D48615DF02B",
"versionEndExcluding": "4.16.1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un fallo en el paquete RPM en la funcionalidad read.\u0026#xa0;Este fallo permite a un atacante que pueda convencer a una v\u00edctima de instalar un paquete aparentemente comprobable o comprometer un repositorio de RPM, causar una corrupci\u00f3n en la base de datos de RPM.\u0026#xa0;La mayor amenaza de esta vulnerabilidad es la integridad de los datos.\u0026#xa0;Este fallo afecta a versiones de RPM anteriores a 4.17.0-alpha"
}
],
"id": "CVE-2021-3421",
"lastModified": "2024-11-21T06:21:27.903",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-19T14:15:07.457",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927747"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-43"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
}
]
}
FKIE_CVE-2021-20266
Vulnerability from fkie_nvd - Published: 2021-04-30 12:15 - Updated: 2024-11-21 05:46
Severity ?
Summary
A flaw was found in RPM's hdrblobInit() in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rpm | rpm | * | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E210A7F5-C9AD-41DB-8E5A-2D48615DF02B",
"versionEndExcluding": "4.16.1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in RPM\u0027s hdrblobInit() in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability."
},
{
"lang": "es",
"value": "Se detect\u00f3 un fallo en RPM en la funci\u00f3n hdrblobInit() en el archivo lib/header.c.\u0026#xa0;Este fallo permite a un atacante que puede modificar el rpmdb causar una lectura fuera de l\u00edmites.\u0026#xa0;La mayor amenaza de esta vulnerabilidad es la disponibilidad del sistema."
}
],
"id": "CVE-2021-20266",
"lastModified": "2024-11-21T05:46:14.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-30T12:15:07.500",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927741"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927741"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-43"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
}
]
}
FKIE_CVE-2021-20271
Vulnerability from fkie_nvd - Published: 2021-03-26 17:15 - Updated: 2024-11-21 05:46
Severity ?
Summary
A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rpm | rpm | * | |
| rpm | rpm | * | |
| rpm | rpm | 4.15.0 | |
| rpm | rpm | 4.15.0 | |
| rpm | rpm | 4.15.0 | |
| rpm | rpm | 4.16.0 | |
| rpm | rpm | 4.16.0 | |
| rpm | rpm | 4.16.0 | |
| rpm | rpm | 4.16.0 | |
| redhat | enterprise_linux | 8.0 | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| starwindsoftware | starwind_virtual_san | v8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5017E785-D9A4-40BE-ADD8-4421BB138131",
"versionEndExcluding": "4.15.1.3",
"versionStartIncluding": "4.15.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22989FC-E9C0-4189-BDFE-69346C3F8495",
"versionEndExcluding": "4.16.1.3",
"versionStartIncluding": "4.16.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.15.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "6E77F834-98D9-45CA-A442-97362CEAB09C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.15.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "40503D12-35BC-4515-A293-F39A37B23A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.15.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "19299515-DF82-48A3-BA65-0DE705E75CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.16.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "0565E985-6BD3-45E1-928C-B67E18B7B56E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.16.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "96BDFF27-D2ED-48F9-91FB-377D1244A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.16.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "EA51C420-EFCB-4068-A981-E99722C5FAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.16.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "653B69E5-0E47-49EF-AD3D-218C86252E7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build14398:*:*:*:*:*:*",
"matchCriteriaId": "2561CD5F-82A9-464E-B571-44634187B497",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in RPM\u0027s signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability."
},
{
"lang": "es",
"value": "Se detect\u00f3 un fallo en la funcionalidad de comprobaci\u00f3n de firmas de RPM cuando se lee un archivo de paquete. Este fallo permite a un atacante que pueda convencer a una v\u00edctima de instalar un paquete aparentemente verificable, cuyo encabezado de firma fue modificado, causar una corrupci\u00f3n de la base de datos de RPM y ejecutar c\u00f3digo. La mayor amenaza de esta vulnerabilidad es la integridad de los datos, la confidencialidad y la disponibilidad del sistema."
}
],
"id": "CVE-2021-20271",
"lastModified": "2024-11-21T05:46:15.240",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-26T17:15:13.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934125"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-43"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.starwindsoftware.com/security/sw-20220805-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.starwindsoftware.com/security/sw-20220805-0002/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
FKIE_CVE-2017-7500
Vulnerability from fkie_nvd - Published: 2018-08-13 17:29 - Updated: 2024-11-21 03:32
Severity ?
7.3 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "570A3E92-EA84-4106-9C64-B0F597F1C9AB",
"versionEndExcluding": "4.13.0.2",
"versionStartIncluding": "4.13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.14.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3206925E-EF01-4CC1-ABCA-68283CCF7041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.14.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2CE6C7F0-274D-4205-83E6-963422C7AC29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege."
},
{
"lang": "es",
"value": "Se ha detectado que rpm no manejaba correctamente las instalaciones RPM cuando una ruta de destino era un enlace simb\u00f3lico a un directorio, posiblemente cambiando la propiedad y los permisos de un directorio arbitrario y los archivos RPM se colocaban en un destino arbitrario. Un atacante con acceso de escritura a un directorio en el que se instalar\u00e1 un subdirectorio podr\u00eda redirigir ese directorio a una ubicaci\u00f3n arbitraria y obtener privilegios root."
}
],
"id": "CVE-2017-7500",
"lastModified": "2024-11-21T03:32:01.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-13T17:29:00.357",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7500"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/commit/c815822c8bdb138066ff58c624ae83e3a12ebfa9"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/commit/f2d3be2a8741234faaa96f5fd05fdfdc75779a79"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/commit/c815822c8bdb138066ff58c624ae83e3a12ebfa9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/rpm-software-management/rpm/commit/f2d3be2a8741234faaa96f5fd05fdfdc75779a79"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-7501
Vulnerability from fkie_nvd - Published: 2017-11-22 22:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED564028-B312-4A22-812A-8928BBBB4E40",
"versionEndExcluding": "4.13.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation."
},
{
"lang": "es",
"value": "Se ha descubierto que las versiones de rpm anteriores a la 4.13.0.2 emplean archivos temporales con nombres predecibles al instalar un RPM. Un atacante que pueda escribir en un directorio en el que se instalar\u00e1n archivos podr\u00eda crear enlaces simb\u00f3licos en una localizaci\u00f3n arbitraria y modificar contenido y, probablemente, permisos en archivos arbitrarios. Esto podr\u00eda emplearse para provocar una denegaci\u00f3n de servicio o un posible escalado de privilegios."
}
],
"id": "CVE-2017-7501",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-22T22:29:00.270",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201811-22"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
FKIE_CVE-2014-8118
Vulnerability from fkie_nvd - Published: 2014-12-16 18:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rpm | rpm | * | |
| rpm | rpm | 1.2 | |
| rpm | rpm | 1.3 | |
| rpm | rpm | 1.3.1 | |
| rpm | rpm | 1.4 | |
| rpm | rpm | 1.4.1 | |
| rpm | rpm | 1.4.2 | |
| rpm | rpm | 1.4.2\/a | |
| rpm | rpm | 1.4.3 | |
| rpm | rpm | 1.4.4 | |
| rpm | rpm | 1.4.5 | |
| rpm | rpm | 1.4.6 | |
| rpm | rpm | 1.4.7 | |
| rpm | rpm | 2.0 | |
| rpm | rpm | 2.0.1 | |
| rpm | rpm | 2.0.2 | |
| rpm | rpm | 2.0.3 | |
| rpm | rpm | 2.0.4 | |
| rpm | rpm | 2.0.5 | |
| rpm | rpm | 2.0.6 | |
| rpm | rpm | 2.0.7 | |
| rpm | rpm | 2.0.8 | |
| rpm | rpm | 2.0.9 | |
| rpm | rpm | 2.0.10 | |
| rpm | rpm | 2.0.11 | |
| rpm | rpm | 2.1 | |
| rpm | rpm | 2.1.1 | |
| rpm | rpm | 2.1.2 | |
| rpm | rpm | 2.2 | |
| rpm | rpm | 2.2.1 | |
| rpm | rpm | 2.2.2 | |
| rpm | rpm | 2.2.3 | |
| rpm | rpm | 2.2.3.10 | |
| rpm | rpm | 2.2.3.11 | |
| rpm | rpm | 2.2.4 | |
| rpm | rpm | 2.2.5 | |
| rpm | rpm | 2.2.6 | |
| rpm | rpm | 2.2.7 | |
| rpm | rpm | 2.2.8 | |
| rpm | rpm | 2.2.9 | |
| rpm | rpm | 2.2.10 | |
| rpm | rpm | 2.2.11 | |
| rpm | rpm | 2.3 | |
| rpm | rpm | 2.3.1 | |
| rpm | rpm | 2.3.2 | |
| rpm | rpm | 2.3.3 | |
| rpm | rpm | 2.3.4 | |
| rpm | rpm | 2.3.5 | |
| rpm | rpm | 2.3.6 | |
| rpm | rpm | 2.3.7 | |
| rpm | rpm | 2.3.8 | |
| rpm | rpm | 2.3.9 | |
| rpm | rpm | 2.4.1 | |
| rpm | rpm | 2.4.2 | |
| rpm | rpm | 2.4.3 | |
| rpm | rpm | 2.4.4 | |
| rpm | rpm | 2.4.5 | |
| rpm | rpm | 2.4.6 | |
| rpm | rpm | 2.4.8 | |
| rpm | rpm | 2.4.9 | |
| rpm | rpm | 2.4.11 | |
| rpm | rpm | 2.4.12 | |
| rpm | rpm | 2.5 | |
| rpm | rpm | 2.5.1 | |
| rpm | rpm | 2.5.2 | |
| rpm | rpm | 2.5.3 | |
| rpm | rpm | 2.5.4 | |
| rpm | rpm | 2.5.5 | |
| rpm | rpm | 2.5.6 | |
| rpm | rpm | 2.6.7 | |
| rpm | rpm | 3.0 | |
| rpm | rpm | 3.0.1 | |
| rpm | rpm | 3.0.2 | |
| rpm | rpm | 3.0.3 | |
| rpm | rpm | 3.0.4 | |
| rpm | rpm | 3.0.5 | |
| rpm | rpm | 3.0.6 | |
| rpm | rpm | 4.0. | |
| rpm | rpm | 4.0.1 | |
| rpm | rpm | 4.0.2 | |
| rpm | rpm | 4.0.3 | |
| rpm | rpm | 4.0.4 | |
| rpm | rpm | 4.1 | |
| rpm | rpm | 4.3.3 | |
| rpm | rpm | 4.4.2.1 | |
| rpm | rpm | 4.4.2.2 | |
| rpm | rpm | 4.4.2.3 | |
| rpm | rpm | 4.5.90 | |
| rpm | rpm | 4.6.0 | |
| rpm | rpm | 4.6.0 | |
| rpm | rpm | 4.6.0 | |
| rpm | rpm | 4.6.0 | |
| rpm | rpm | 4.6.0 | |
| rpm | rpm | 4.6.1 | |
| rpm | rpm | 4.7.0 | |
| rpm | rpm | 4.7.1 | |
| rpm | rpm | 4.7.2 | |
| rpm | rpm | 4.8.0 | |
| rpm | rpm | 4.8.1 | |
| rpm | rpm | 4.9.0 | |
| rpm | rpm | 4.9.0 | |
| rpm | rpm | 4.9.0 | |
| rpm | rpm | 4.9.0 | |
| rpm | rpm | 4.9.1 | |
| rpm | rpm | 4.9.1.1 | |
| rpm | rpm | 4.9.1.2 | |
| rpm | rpm | 4.10.0 | |
| rpm | rpm | 4.10.1 | |
| rpm | rpm | 4.10.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59386013-F469-49E5-873C-523C6AB9D3E0",
"versionEndIncluding": "4.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "76112E07-F476-41E5-9FF8-E85C28019BD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E064D1B0-093D-4C62-89A0-481D261F9AE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D05B2BC3-41EB-4839-B3DC-AF8B567D0318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55B95097-EEA2-42A1-AA30-4AC519E67B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "985E051C-677E-4DCD-9181-F5F33342FE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "267ACF41-E8E2-4F9E-983A-E526DACFCE82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.2\\/a:*:*:*:*:*:*:*",
"matchCriteriaId": "6429C42B-EBD6-4D93-AABB-AD268ADB72AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1372FF29-498C-41CB-AB2E-25CEC92866AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5EFE8428-E00F-4E5F-8787-F63FEE93E617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4E9CC7-1BD8-490B-9C9B-E4A76EFAD13D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAB0B1A-A9E5-4808-85EC-0BD2A3F753AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D1E892-05D5-4C79-AD12-7B7C0421E509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CA6696D-D6CC-4C23-AB8F-91474BFC341E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B16D91A5-35F5-44F3-A515-8E4F27B563D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "08974D05-C00C-438C-A76F-E17C191D0CE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "81771BF8-0788-44B5-8694-AFF436FDECD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "93BF53E9-CC37-4E31-9F34-2B569947887F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D79478-665E-4D18-AAA6-BA51C41A4C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1A59FF59-BD73-4C13-AC51-98126ED46573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "99C83F0D-159B-4CFB-92C6-83D36225080A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B7A4BC0-43DF-4542-A54F-BF8B07F30B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B926B035-659A-4F86-B680-CD1A6163F2D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A98BC57C-69AD-40F6-885B-3A560F69809F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "71499D02-8989-4AA0-80FB-28860F103EB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B424D987-8421-4FE5-B9F7-0D4AB7AC921B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9F58F12D-301C-4C4D-8F78-0B6A7B220B0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "19A30CF4-508D-407B-A097-30331AF9D452",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E49FB5B-5BFA-4736-8F2C-C07188D0BC00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "883AE5CC-379E-41A7-A8B5-12671015F131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8D8FEA-89A2-4133-89D7-FD403D605E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FBDA2319-4C36-44A5-A1F2-E0F1EFC1DE23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E11322F8-93B7-457C-8993-B0A8D3274468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD35E28-313C-4CF7-AEC0-1C91316FF5B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2B591779-643B-4E2E-9270-40748EDA1BA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB3C91C9-CFDC-4C51-B6AF-51F1560161A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F9D67C30-F0CA-410B-8C3A-EA5536BC256E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "80DB9D55-9BC2-416C-9A2A-021F4EC0E884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7B48E845-573C-4F07-8D69-F1A54CCEEDE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9642BA0F-CBBD-4FB5-8A20-BBCAD7EC31CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "45C9FE2D-197A-45EB-BE40-B746B13F2C02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E07E462F-2163-430B-9315-75BFD00113C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1F650FC0-1DF8-4432-92F5-4B4DCEFC2D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "347BC012-5307-4B0F-A013-624ED455ABD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED89DCC-0EFF-4665-BDE0-406155A46BDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEB6C44-B615-46F8-A5DC-BEF25D932314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "979D846B-9DD9-474A-A8BE-25334D2969B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF5DE17-2061-4896-B7DA-CFDEF46E9652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BB528B71-8BF5-4D93-A1BC-DF0502AEA58F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0585DC0B-DFBB-466E-9D3D-86E19A4B88A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "041B087D-4FBC-4EDC-AAC0-DF8A1D39980A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4FB33B-5015-4620-BD21-3F0C916069EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "684E9118-30B2-476C-816E-CA4B2916017B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF46B23-559C-4DF0-8510-C79F17ABF22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BD40A202-557B-495C-BBE5-DEC9FF97EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3DB711-AE17-4B3B-9D45-C38CBDF418A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EF2E6A8E-4C9B-46A1-B786-6C0B3A3395F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3D049089-7FBD-41A6-8A5B-8497DA24C720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "20DEBEDF-3E64-4417-BC41-7F0E20C522F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF99B53-237E-468B-8B7F-A105FE40803B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D5F196-4BA9-43EB-BE38-EE405C8CC0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "66C4022C-F1D4-4A58-8341-E22EAF943511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F5503DC6-40DB-4A84-984E-BDEED82F224A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90148D48-5DA5-46F9-AE96-618C427A5DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "733E1435-CE73-4A39-97EB-304D2F45A838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA80DA6E-CCE3-4CAF-B2A1-E6FF2B702D3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D08FD930-F2BC-47BC-86BC-07545D1431B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE028F-D0BE-435C-826D-CCBFFEBF3B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E08EB15D-1842-41F4-9F19-FF6571055242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "43CF2BBF-83AA-451E-8E30-E040EFCF6F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "409B29B1-E2E0-4CBD-83D0-F4CE67820F5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D325D4A-166A-4174-BEA8-1C6D47A8DDBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C6AEBBD1-2320-42A3-8DCA-46DF61007349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E54C09F8-F0F5-4BDF-868F-0B6A4609B3E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "132C1B54-0438-4239-B599-8160D494EE26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5CCEAC-3D92-46DB-AC88-859ED5A5E277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "ED68CE6A-2BF5-49F2-AEAE-199AAC94807B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.0.:*:*:*:*:*:*:*",
"matchCriteriaId": "5C589CD4-5A9E-41E1-BBFA-AF4BE2DD31E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E406BD-8CC3-4929-ABB2-F820F8C83823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8685704C-C43D-4315-A541-4E04B7B08B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "39C1D452-A003-4DB1-A8CF-0F7FBB9A5811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F8C79E-416F-4C88-B102-3BB60E969FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F47849F-4466-4500-802C-260970D6A764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C190DE39-ABEF-4DA1-A909-B9E98BD5A468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "77BB52FC-E320-47CD-A180-C22371D7AFEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01A746D6-4C15-49BD-B17C-2CA06FFA76D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8664CDC-6A09-45F0-B5CD-BE5688FDBB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.5.90:*:*:*:*:*:*:*",
"matchCriteriaId": "6897D7B8-F2A3-4A18-83AF-5473E971DCDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEBBBEE-CE1D-4F4B-B0F7-428814B791BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D0E27D80-E3C5-42A2-8794-56BA0D28EFB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F2043930-ECC5-40C6-907E-C5AF2D3EE51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "25706042-3E57-45D2-9917-5DDD818205FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.6.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "85B0DA93-4048-4F25-8D69-76F149D411BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "055D95AA-3797-437E-88FD-764D807B5E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7164A1F5-EE8E-46C6-8E9E-D267CF5936ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "62495EC6-B5DB-4AB2-840C-98AC4CE34990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A87B2FBC-567D-4A1F-AA9C-5DA68C1AA4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCD5EE9-2D1F-4042-B53A-C5BA24265709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE5D6F9-304C-4A3F-AD8E-CD7F01F8AD97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63210F22-8DC0-4B0F-BAC3-962E319D36BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.9.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "65B5D793-77FC-4333-888A-57A913EA5BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.9.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "1C2A6ADF-F539-4257-AE05-7316231106C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0AF5D1C5-DDFC-4218-B3E2-0C34768DAC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97928439-BB18-4F36-928C-D5FB6F08AC59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B190E4B8-794A-4B6E-B3E5-83ABDD381315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22B88DF3-BC03-401D-B46D-738D2AF1ACE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3980237-762C-40CE-B376-EA225C2F9214",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "851F5ACE-A9AB-42BE-A36C-E9C4E333D293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B773DF74-6F5F-4400-B971-E42BCE13A0C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en RPM 4.12 y anteriores permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cabecera CPIO manipulada en la secci\u00f3n \u0027payload\u0027 de un ficheros RPM, lo que provoca un desbordamiento de buffer basado en pila."
}
],
"id": "CVE-2014-8118",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-16T18:59:06.733",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://advisories.mageia.org/MGASA-2014-0529.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1976.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3129"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:251"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:056"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0529.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1976.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201811-22"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-6435
Vulnerability from fkie_nvd - Published: 2014-12-16 18:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rpm | rpm | * | |
| rpm | rpm | 1.2 | |
| rpm | rpm | 1.3 | |
| rpm | rpm | 1.3.1 | |
| rpm | rpm | 1.4 | |
| rpm | rpm | 1.4.1 | |
| rpm | rpm | 1.4.2 | |
| rpm | rpm | 1.4.2\/a | |
| rpm | rpm | 1.4.3 | |
| rpm | rpm | 1.4.4 | |
| rpm | rpm | 1.4.5 | |
| rpm | rpm | 1.4.6 | |
| rpm | rpm | 1.4.7 | |
| rpm | rpm | 2.0 | |
| rpm | rpm | 2.0.1 | |
| rpm | rpm | 2.0.2 | |
| rpm | rpm | 2.0.3 | |
| rpm | rpm | 2.0.4 | |
| rpm | rpm | 2.0.5 | |
| rpm | rpm | 2.0.6 | |
| rpm | rpm | 2.0.7 | |
| rpm | rpm | 2.0.8 | |
| rpm | rpm | 2.0.9 | |
| rpm | rpm | 2.0.10 | |
| rpm | rpm | 2.0.11 | |
| rpm | rpm | 2.1 | |
| rpm | rpm | 2.1.1 | |
| rpm | rpm | 2.1.2 | |
| rpm | rpm | 2.2 | |
| rpm | rpm | 2.2.1 | |
| rpm | rpm | 2.2.2 | |
| rpm | rpm | 2.2.3 | |
| rpm | rpm | 2.2.3.10 | |
| rpm | rpm | 2.2.3.11 | |
| rpm | rpm | 2.2.4 | |
| rpm | rpm | 2.2.5 | |
| rpm | rpm | 2.2.6 | |
| rpm | rpm | 2.2.7 | |
| rpm | rpm | 2.2.8 | |
| rpm | rpm | 2.2.9 | |
| rpm | rpm | 2.2.10 | |
| rpm | rpm | 2.2.11 | |
| rpm | rpm | 2.3 | |
| rpm | rpm | 2.3.1 | |
| rpm | rpm | 2.3.2 | |
| rpm | rpm | 2.3.3 | |
| rpm | rpm | 2.3.4 | |
| rpm | rpm | 2.3.5 | |
| rpm | rpm | 2.3.6 | |
| rpm | rpm | 2.3.7 | |
| rpm | rpm | 2.3.8 | |
| rpm | rpm | 2.3.9 | |
| rpm | rpm | 2.4.1 | |
| rpm | rpm | 2.4.2 | |
| rpm | rpm | 2.4.3 | |
| rpm | rpm | 2.4.4 | |
| rpm | rpm | 2.4.5 | |
| rpm | rpm | 2.4.6 | |
| rpm | rpm | 2.4.8 | |
| rpm | rpm | 2.4.9 | |
| rpm | rpm | 2.4.11 | |
| rpm | rpm | 2.4.12 | |
| rpm | rpm | 2.5 | |
| rpm | rpm | 2.5.1 | |
| rpm | rpm | 2.5.2 | |
| rpm | rpm | 2.5.3 | |
| rpm | rpm | 2.5.4 | |
| rpm | rpm | 2.5.5 | |
| rpm | rpm | 2.5.6 | |
| rpm | rpm | 2.6.7 | |
| rpm | rpm | 3.0 | |
| rpm | rpm | 3.0.1 | |
| rpm | rpm | 3.0.2 | |
| rpm | rpm | 3.0.3 | |
| rpm | rpm | 3.0.4 | |
| rpm | rpm | 3.0.5 | |
| rpm | rpm | 3.0.6 | |
| rpm | rpm | 4.0. | |
| rpm | rpm | 4.0.1 | |
| rpm | rpm | 4.0.2 | |
| rpm | rpm | 4.0.3 | |
| rpm | rpm | 4.0.4 | |
| rpm | rpm | 4.1 | |
| rpm | rpm | 4.3.3 | |
| rpm | rpm | 4.4.2.1 | |
| rpm | rpm | 4.4.2.2 | |
| rpm | rpm | 4.4.2.3 | |
| rpm | rpm | 4.5.90 | |
| rpm | rpm | 4.6.0 | |
| rpm | rpm | 4.6.0 | |
| rpm | rpm | 4.6.0 | |
| rpm | rpm | 4.6.0 | |
| rpm | rpm | 4.6.0 | |
| rpm | rpm | 4.6.1 | |
| rpm | rpm | 4.7.0 | |
| rpm | rpm | 4.7.1 | |
| rpm | rpm | 4.7.2 | |
| rpm | rpm | 4.8.0 | |
| rpm | rpm | 4.8.1 | |
| rpm | rpm | 4.9.0 | |
| rpm | rpm | 4.9.0 | |
| rpm | rpm | 4.9.0 | |
| rpm | rpm | 4.9.0 | |
| rpm | rpm | 4.9.1 | |
| rpm | rpm | 4.9.1.1 | |
| rpm | rpm | 4.9.1.2 | |
| rpm | rpm | 4.10.0 | |
| rpm | rpm | 4.10.1 | |
| rpm | rpm | 4.10.2 | |
| debian | debian_linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA94CF0-0F15-43AE-A55F-CAD58625F138",
"versionEndIncluding": "4.11.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "76112E07-F476-41E5-9FF8-E85C28019BD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E064D1B0-093D-4C62-89A0-481D261F9AE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D05B2BC3-41EB-4839-B3DC-AF8B567D0318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55B95097-EEA2-42A1-AA30-4AC519E67B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "985E051C-677E-4DCD-9181-F5F33342FE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "267ACF41-E8E2-4F9E-983A-E526DACFCE82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.2\\/a:*:*:*:*:*:*:*",
"matchCriteriaId": "6429C42B-EBD6-4D93-AABB-AD268ADB72AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1372FF29-498C-41CB-AB2E-25CEC92866AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5EFE8428-E00F-4E5F-8787-F63FEE93E617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4E9CC7-1BD8-490B-9C9B-E4A76EFAD13D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAB0B1A-A9E5-4808-85EC-0BD2A3F753AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D1E892-05D5-4C79-AD12-7B7C0421E509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CA6696D-D6CC-4C23-AB8F-91474BFC341E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B16D91A5-35F5-44F3-A515-8E4F27B563D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "08974D05-C00C-438C-A76F-E17C191D0CE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "81771BF8-0788-44B5-8694-AFF436FDECD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "93BF53E9-CC37-4E31-9F34-2B569947887F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D79478-665E-4D18-AAA6-BA51C41A4C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1A59FF59-BD73-4C13-AC51-98126ED46573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "99C83F0D-159B-4CFB-92C6-83D36225080A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B7A4BC0-43DF-4542-A54F-BF8B07F30B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B926B035-659A-4F86-B680-CD1A6163F2D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A98BC57C-69AD-40F6-885B-3A560F69809F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "71499D02-8989-4AA0-80FB-28860F103EB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B424D987-8421-4FE5-B9F7-0D4AB7AC921B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9F58F12D-301C-4C4D-8F78-0B6A7B220B0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "19A30CF4-508D-407B-A097-30331AF9D452",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E49FB5B-5BFA-4736-8F2C-C07188D0BC00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "883AE5CC-379E-41A7-A8B5-12671015F131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8D8FEA-89A2-4133-89D7-FD403D605E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FBDA2319-4C36-44A5-A1F2-E0F1EFC1DE23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E11322F8-93B7-457C-8993-B0A8D3274468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD35E28-313C-4CF7-AEC0-1C91316FF5B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2B591779-643B-4E2E-9270-40748EDA1BA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB3C91C9-CFDC-4C51-B6AF-51F1560161A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F9D67C30-F0CA-410B-8C3A-EA5536BC256E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "80DB9D55-9BC2-416C-9A2A-021F4EC0E884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7B48E845-573C-4F07-8D69-F1A54CCEEDE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9642BA0F-CBBD-4FB5-8A20-BBCAD7EC31CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "45C9FE2D-197A-45EB-BE40-B746B13F2C02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E07E462F-2163-430B-9315-75BFD00113C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1F650FC0-1DF8-4432-92F5-4B4DCEFC2D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "347BC012-5307-4B0F-A013-624ED455ABD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED89DCC-0EFF-4665-BDE0-406155A46BDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEB6C44-B615-46F8-A5DC-BEF25D932314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "979D846B-9DD9-474A-A8BE-25334D2969B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF5DE17-2061-4896-B7DA-CFDEF46E9652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BB528B71-8BF5-4D93-A1BC-DF0502AEA58F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0585DC0B-DFBB-466E-9D3D-86E19A4B88A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "041B087D-4FBC-4EDC-AAC0-DF8A1D39980A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4FB33B-5015-4620-BD21-3F0C916069EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "684E9118-30B2-476C-816E-CA4B2916017B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF46B23-559C-4DF0-8510-C79F17ABF22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BD40A202-557B-495C-BBE5-DEC9FF97EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3DB711-AE17-4B3B-9D45-C38CBDF418A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EF2E6A8E-4C9B-46A1-B786-6C0B3A3395F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3D049089-7FBD-41A6-8A5B-8497DA24C720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "20DEBEDF-3E64-4417-BC41-7F0E20C522F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF99B53-237E-468B-8B7F-A105FE40803B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D5F196-4BA9-43EB-BE38-EE405C8CC0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "66C4022C-F1D4-4A58-8341-E22EAF943511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F5503DC6-40DB-4A84-984E-BDEED82F224A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90148D48-5DA5-46F9-AE96-618C427A5DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "733E1435-CE73-4A39-97EB-304D2F45A838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA80DA6E-CCE3-4CAF-B2A1-E6FF2B702D3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D08FD930-F2BC-47BC-86BC-07545D1431B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE028F-D0BE-435C-826D-CCBFFEBF3B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E08EB15D-1842-41F4-9F19-FF6571055242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "43CF2BBF-83AA-451E-8E30-E040EFCF6F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "409B29B1-E2E0-4CBD-83D0-F4CE67820F5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D325D4A-166A-4174-BEA8-1C6D47A8DDBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C6AEBBD1-2320-42A3-8DCA-46DF61007349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E54C09F8-F0F5-4BDF-868F-0B6A4609B3E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "132C1B54-0438-4239-B599-8160D494EE26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5CCEAC-3D92-46DB-AC88-859ED5A5E277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "ED68CE6A-2BF5-49F2-AEAE-199AAC94807B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.0.:*:*:*:*:*:*:*",
"matchCriteriaId": "5C589CD4-5A9E-41E1-BBFA-AF4BE2DD31E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E406BD-8CC3-4929-ABB2-F820F8C83823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8685704C-C43D-4315-A541-4E04B7B08B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "39C1D452-A003-4DB1-A8CF-0F7FBB9A5811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F8C79E-416F-4C88-B102-3BB60E969FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F47849F-4466-4500-802C-260970D6A764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C190DE39-ABEF-4DA1-A909-B9E98BD5A468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "77BB52FC-E320-47CD-A180-C22371D7AFEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01A746D6-4C15-49BD-B17C-2CA06FFA76D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8664CDC-6A09-45F0-B5CD-BE5688FDBB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.5.90:*:*:*:*:*:*:*",
"matchCriteriaId": "6897D7B8-F2A3-4A18-83AF-5473E971DCDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEBBBEE-CE1D-4F4B-B0F7-428814B791BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D0E27D80-E3C5-42A2-8794-56BA0D28EFB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F2043930-ECC5-40C6-907E-C5AF2D3EE51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "25706042-3E57-45D2-9917-5DDD818205FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.6.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "85B0DA93-4048-4F25-8D69-76F149D411BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "055D95AA-3797-437E-88FD-764D807B5E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7164A1F5-EE8E-46C6-8E9E-D267CF5936ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "62495EC6-B5DB-4AB2-840C-98AC4CE34990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A87B2FBC-567D-4A1F-AA9C-5DA68C1AA4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCD5EE9-2D1F-4042-B53A-C5BA24265709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE5D6F9-304C-4A3F-AD8E-CD7F01F8AD97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63210F22-8DC0-4B0F-BAC3-962E319D36BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.9.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "65B5D793-77FC-4333-888A-57A913EA5BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.9.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "1C2A6ADF-F539-4257-AE05-7316231106C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0AF5D1C5-DDFC-4218-B3E2-0C34768DAC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97928439-BB18-4F36-928C-D5FB6F08AC59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B190E4B8-794A-4B6E-B3E5-83ABDD381315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22B88DF3-BC03-401D-B46D-738D2AF1ACE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3980237-762C-40CE-B376-EA225C2F9214",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "851F5ACE-A9AB-42BE-A36C-E9C4E333D293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rpm:rpm:4.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B773DF74-6F5F-4400-B971-E42BCE13A0C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory."
},
{
"lang": "es",
"value": "Condici\u00f3n de carrera en RPM 4.11.1 y anteriores permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero RPM manipulado cuyo instalaci\u00f3n extrae los contenidos de ficheros temporales antes de validar la firma, tal y como fue demostrado mediante la instalaci\u00f3n de un fichero en el directorio /etc/cron.d."
}
],
"id": "CVE-2013-6435",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-16T18:59:00.090",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://advisories.mageia.org/MGASA-2014-0529.html"
},
{
"source": "secalert@redhat.com",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1974.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1975.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1976.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2015/dsa-3129"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:251"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:056"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/71558"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039811"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"source": "secalert@redhat.com",
"url": "https://securityblog.redhat.com/2014/12/10/analysis-of-the-cve-2013-6435-flaw-in-rpm/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0529.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1974.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1975.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1976.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039811"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://securityblog.redhat.com/2014/12/10/analysis-of-the-cve-2013-6435-flaw-in-rpm/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2021-35939 (GCVE-0-2021-35939)
Vulnerability from cvelistv5 – Published: 2022-08-26 00:00 – Updated: 2024-08-04 00:40
VLAI?
Summary
It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Severity ?
No CVSS data available.
CWE
- CWE-59 - - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:47.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/pull/1919"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964129"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/96ec957e281220f8e137a2d5eb23b83a6377d556"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-35939"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RPM",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in RPM-v4.18"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 - Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-31T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"url": "https://github.com/rpm-software-management/rpm/pull/1919"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964129"
},
{
"url": "https://github.com/rpm-software-management/rpm/commit/96ec957e281220f8e137a2d5eb23b83a6377d556"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-35939"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-35939",
"datePublished": "2022-08-26T00:00:00",
"dateReserved": "2021-06-29T00:00:00",
"dateUpdated": "2024-08-04T00:40:47.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35937 (GCVE-0-2021-35937)
Vulnerability from cvelistv5 – Published: 2022-08-25 00:00 – Updated: 2024-08-04 00:40
VLAI?
Summary
A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Severity ?
No CVSS data available.
CWE
- CWE-59 - - Improper Link Resolution Before File Access ('Link Following'), CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:47.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964125"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-35937"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.usenix.org/legacy/event/sec05/tech/full_papers/borisov/borisov.pdf"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RPM",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in rpm v4.18.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 - Improper Link Resolution Before File Access (\u0027Link Following\u0027), CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-31T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964125"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-35937"
},
{
"url": "https://www.usenix.org/legacy/event/sec05/tech/full_papers/borisov/borisov.pdf"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-35937",
"datePublished": "2022-08-25T00:00:00",
"dateReserved": "2021-06-29T00:00:00",
"dateUpdated": "2024-08-04T00:40:47.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35938 (GCVE-0-2021-35938)
Vulnerability from cvelistv5 – Published: 2022-08-25 00:00 – Updated: 2024-08-04 00:40
VLAI?
Summary
A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Severity ?
No CVSS data available.
CWE
- CWE-59 - - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:47.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964114"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157880"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-35938"
},
{
"tags": [
"x_transferred"
],
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/pull/1919"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/25a435e90844ea98fe5eb7bef22c1aecf3a9c033"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RPM",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in rpm v4.18.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 - Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-31T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964114"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157880"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-35938"
},
{
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"url": "https://github.com/rpm-software-management/rpm/pull/1919"
},
{
"url": "https://github.com/rpm-software-management/rpm/commit/25a435e90844ea98fe5eb7bef22c1aecf3a9c033"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-35938",
"datePublished": "2022-08-25T00:00:00",
"dateReserved": "2021-06-29T00:00:00",
"dateUpdated": "2024-08-04T00:40:47.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3521 (GCVE-0-2021-3521)
Vulnerability from cvelistv5 – Published: 2022-08-22 00:00 – Updated: 2024-08-03 17:01
VLAI?
Summary
There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a "binding signature." RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey to a legitimate public key, RPM could wrongly trust a malicious signature. The greatest impact of this flaw is to data integrity. To exploit this flaw, an attacker must either compromise an RPM repository or convince an administrator to install an untrusted RPM or public key. It is strongly recommended to only use RPMs and public keys from trusted sources.
Severity ?
No CVSS data available.
CWE
- CWE-347 - - Improper Verification of Cryptographic Signature
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:07.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941098"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3521"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/pull/1795/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/bd36c5dc9fb6d90c46fbfed8c2d67516fc571ec8"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RPM",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in rpm-4.18.0-beta1, rpm-4.18.0-alpha2, rpm-4.18.0-alpha1 ."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a flaw in RPM\u0027s signature functionality. OpenPGP subkeys are associated with a primary key via a \"binding signature.\" RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey to a legitimate public key, RPM could wrongly trust a malicious signature. The greatest impact of this flaw is to data integrity. To exploit this flaw, an attacker must either compromise an RPM repository or convince an administrator to install an untrusted RPM or public key. It is strongly recommended to only use RPMs and public keys from trusted sources."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 - Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-31T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941098"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3521"
},
{
"url": "https://github.com/rpm-software-management/rpm/pull/1795/"
},
{
"url": "https://github.com/rpm-software-management/rpm/commit/bd36c5dc9fb6d90c46fbfed8c2d67516fc571ec8"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3521",
"datePublished": "2022-08-22T00:00:00",
"dateReserved": "2021-04-28T00:00:00",
"dateUpdated": "2024-08-03T17:01:07.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3421 (GCVE-0-2021-3421)
Vulnerability from cvelistv5 – Published: 2021-05-19 13:40 – Updated: 2024-08-03 16:53
VLAI?
Summary
A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:53:17.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2021-2383d950fd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"name": "FEDORA-2021-8d52a8a999",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "FEDORA-2021-662680e477",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927747"
},
{
"name": "GLSA-202107-43",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-43"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rpm",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "rpm 4.17.0-alpha"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-20T10:07:20",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2021-2383d950fd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"name": "FEDORA-2021-8d52a8a999",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "FEDORA-2021-662680e477",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927747"
},
{
"name": "GLSA-202107-43",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-43"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-3421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rpm",
"version": {
"version_data": [
{
"version_value": "rpm 4.17.0-alpha"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2021-2383d950fd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"name": "FEDORA-2021-8d52a8a999",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "FEDORA-2021-662680e477",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1927747",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927747"
},
{
"name": "GLSA-202107-43",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-43"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3421",
"datePublished": "2021-05-19T13:40:58",
"dateReserved": "2021-03-03T00:00:00",
"dateUpdated": "2024-08-03T16:53:17.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20266 (GCVE-0-2021-20266)
Vulnerability from cvelistv5 – Published: 2021-04-30 11:22 – Updated: 2024-08-03 17:37
VLAI?
Summary
A flaw was found in RPM's hdrblobInit() in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:37:23.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927741"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "GLSA-202107-43",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-43"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rpm",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "rpm 4.17.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in RPM\u0027s hdrblobInit() in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-20T10:07:18",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927741"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "GLSA-202107-43",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-43"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-20266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rpm",
"version": {
"version_data": [
{
"version_value": "rpm 4.17.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in RPM\u0027s hdrblobInit() in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1927741",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927741"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "GLSA-202107-43",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-43"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-20266",
"datePublished": "2021-04-30T11:22:49",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:37:23.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20271 (GCVE-0-2021-20271)
Vulnerability from cvelistv5 – Published: 2021-03-26 00:00 – Updated: 2024-08-03 17:37
VLAI?
Summary
A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:37:23.716Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934125"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21"
},
{
"name": "FEDORA-2021-2383d950fd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"name": "FEDORA-2021-8d52a8a999",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "FEDORA-2021-662680e477",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/"
},
{
"name": "GLSA-202107-43",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-43"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.starwindsoftware.com/security/sw-20220805-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rpm",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in RPM\u0027s signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934125"
},
{
"url": "https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21"
},
{
"name": "FEDORA-2021-2383d950fd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"name": "FEDORA-2021-8d52a8a999",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "FEDORA-2021-662680e477",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/"
},
{
"name": "GLSA-202107-43",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202107-43"
},
{
"url": "https://www.starwindsoftware.com/security/sw-20220805-0002/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-20271",
"datePublished": "2021-03-26T00:00:00",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:37:23.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7500 (GCVE-0-2017-7500)
Vulnerability from cvelistv5 – Published: 2018-08-13 17:00 – Updated: 2024-08-05 16:04
VLAI?
Summary
It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege.
Severity ?
7.3 (High)
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.858Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/c815822c8bdb138066ff58c624ae83e3a12ebfa9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/f2d3be2a8741234faaa96f5fd05fdfdc75779a79"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7500"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rpm",
"vendor": "[UNKNOWN]",
"versions": [
{
"status": "affected",
"version": "4.13.0.2"
},
{
"status": "affected",
"version": "4.14.0"
}
]
}
],
"datePublic": "2017-07-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-13T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rpm-software-management/rpm/commit/c815822c8bdb138066ff58c624ae83e3a12ebfa9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rpm-software-management/rpm/commit/f2d3be2a8741234faaa96f5fd05fdfdc75779a79"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7500"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-7500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rpm",
"version": {
"version_data": [
{
"version_value": "4.13.0.2"
},
{
"version_value": "4.14.0"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/rpm-software-management/rpm/commit/c815822c8bdb138066ff58c624ae83e3a12ebfa9",
"refsource": "CONFIRM",
"url": "https://github.com/rpm-software-management/rpm/commit/c815822c8bdb138066ff58c624ae83e3a12ebfa9"
},
{
"name": "https://github.com/rpm-software-management/rpm/commit/f2d3be2a8741234faaa96f5fd05fdfdc75779a79",
"refsource": "CONFIRM",
"url": "https://github.com/rpm-software-management/rpm/commit/f2d3be2a8741234faaa96f5fd05fdfdc75779a79"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7500",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7500"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7500",
"datePublished": "2018-08-13T17:00:00",
"dateReserved": "2017-04-05T00:00:00",
"dateUpdated": "2024-08-05T16:04:11.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7501 (GCVE-0-2017-7501)
Vulnerability from cvelistv5 – Published: 2017-11-22 22:00 – Updated: 2024-09-17 00:02
VLAI?
Summary
It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Red Hat, Inc. | rpm |
Affected:
before 4.13.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201811-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rpm",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "before 4.13.0.2"
}
]
}
],
"datePublic": "2017-05-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T14:06:43",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "GLSA-201811-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2017-05-18T00:00:00",
"ID": "CVE-2017-7501",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rpm",
"version": {
"version_data": [
{
"version_value": "before 4.13.0.2"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201811-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"name": "https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc",
"refsource": "MISC",
"url": "https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7501",
"datePublished": "2017-11-22T22:00:00Z",
"dateReserved": "2017-04-05T00:00:00",
"dateUpdated": "2024-09-17T00:02:20.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8118 (GCVE-0-2014-8118)
Vulnerability from cvelistv5 – Published: 2014-12-16 18:00 – Updated: 2024-08-06 13:10
VLAI?
Summary
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:50.836Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2015:056",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:056"
},
{
"name": "GLSA-201811-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0529.html"
},
{
"name": "MDVSA-2014:251",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:251"
},
{
"name": "DSA-3129",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3129"
},
{
"name": "RHSA-2014:1976",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1976.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-29T10:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDVSA-2015:056",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:056"
},
{
"name": "GLSA-201811-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0529.html"
},
{
"name": "MDVSA-2014:251",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:251"
},
{
"name": "DSA-3129",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3129"
},
{
"name": "RHSA-2014:1976",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1976.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-8118",
"datePublished": "2014-12-16T18:00:00",
"dateReserved": "2014-10-10T00:00:00",
"dateUpdated": "2024-08-06T13:10:50.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35939 (GCVE-0-2021-35939)
Vulnerability from nvd – Published: 2022-08-26 00:00 – Updated: 2024-08-04 00:40
VLAI?
Summary
It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Severity ?
No CVSS data available.
CWE
- CWE-59 - - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:47.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/pull/1919"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964129"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/96ec957e281220f8e137a2d5eb23b83a6377d556"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-35939"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RPM",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in RPM-v4.18"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 - Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-31T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"url": "https://github.com/rpm-software-management/rpm/pull/1919"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964129"
},
{
"url": "https://github.com/rpm-software-management/rpm/commit/96ec957e281220f8e137a2d5eb23b83a6377d556"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-35939"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-35939",
"datePublished": "2022-08-26T00:00:00",
"dateReserved": "2021-06-29T00:00:00",
"dateUpdated": "2024-08-04T00:40:47.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35937 (GCVE-0-2021-35937)
Vulnerability from nvd – Published: 2022-08-25 00:00 – Updated: 2024-08-04 00:40
VLAI?
Summary
A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Severity ?
No CVSS data available.
CWE
- CWE-59 - - Improper Link Resolution Before File Access ('Link Following'), CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:47.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964125"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-35937"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.usenix.org/legacy/event/sec05/tech/full_papers/borisov/borisov.pdf"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RPM",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in rpm v4.18.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 - Improper Link Resolution Before File Access (\u0027Link Following\u0027), CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-31T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964125"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-35937"
},
{
"url": "https://www.usenix.org/legacy/event/sec05/tech/full_papers/borisov/borisov.pdf"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-35937",
"datePublished": "2022-08-25T00:00:00",
"dateReserved": "2021-06-29T00:00:00",
"dateUpdated": "2024-08-04T00:40:47.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35938 (GCVE-0-2021-35938)
Vulnerability from nvd – Published: 2022-08-25 00:00 – Updated: 2024-08-04 00:40
VLAI?
Summary
A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Severity ?
No CVSS data available.
CWE
- CWE-59 - - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:47.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964114"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157880"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-35938"
},
{
"tags": [
"x_transferred"
],
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/pull/1919"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/25a435e90844ea98fe5eb7bef22c1aecf3a9c033"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RPM",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in rpm v4.18.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 - Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-31T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964114"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157880"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-35938"
},
{
"url": "https://rpm.org/wiki/Releases/4.18.0"
},
{
"url": "https://github.com/rpm-software-management/rpm/pull/1919"
},
{
"url": "https://github.com/rpm-software-management/rpm/commit/25a435e90844ea98fe5eb7bef22c1aecf3a9c033"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-35938",
"datePublished": "2022-08-25T00:00:00",
"dateReserved": "2021-06-29T00:00:00",
"dateUpdated": "2024-08-04T00:40:47.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3521 (GCVE-0-2021-3521)
Vulnerability from nvd – Published: 2022-08-22 00:00 – Updated: 2024-08-03 17:01
VLAI?
Summary
There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a "binding signature." RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey to a legitimate public key, RPM could wrongly trust a malicious signature. The greatest impact of this flaw is to data integrity. To exploit this flaw, an attacker must either compromise an RPM repository or convince an administrator to install an untrusted RPM or public key. It is strongly recommended to only use RPMs and public keys from trusted sources.
Severity ?
No CVSS data available.
CWE
- CWE-347 - - Improper Verification of Cryptographic Signature
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:07.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941098"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3521"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/pull/1795/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/bd36c5dc9fb6d90c46fbfed8c2d67516fc571ec8"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RPM",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in rpm-4.18.0-beta1, rpm-4.18.0-alpha2, rpm-4.18.0-alpha1 ."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a flaw in RPM\u0027s signature functionality. OpenPGP subkeys are associated with a primary key via a \"binding signature.\" RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey to a legitimate public key, RPM could wrongly trust a malicious signature. The greatest impact of this flaw is to data integrity. To exploit this flaw, an attacker must either compromise an RPM repository or convince an administrator to install an untrusted RPM or public key. It is strongly recommended to only use RPMs and public keys from trusted sources."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 - Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-31T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941098"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3521"
},
{
"url": "https://github.com/rpm-software-management/rpm/pull/1795/"
},
{
"url": "https://github.com/rpm-software-management/rpm/commit/bd36c5dc9fb6d90c46fbfed8c2d67516fc571ec8"
},
{
"name": "GLSA-202210-22",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-22"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3521",
"datePublished": "2022-08-22T00:00:00",
"dateReserved": "2021-04-28T00:00:00",
"dateUpdated": "2024-08-03T17:01:07.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3421 (GCVE-0-2021-3421)
Vulnerability from nvd – Published: 2021-05-19 13:40 – Updated: 2024-08-03 16:53
VLAI?
Summary
A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:53:17.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2021-2383d950fd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"name": "FEDORA-2021-8d52a8a999",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "FEDORA-2021-662680e477",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927747"
},
{
"name": "GLSA-202107-43",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-43"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rpm",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "rpm 4.17.0-alpha"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-20T10:07:20",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2021-2383d950fd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"name": "FEDORA-2021-8d52a8a999",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "FEDORA-2021-662680e477",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927747"
},
{
"name": "GLSA-202107-43",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-43"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-3421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rpm",
"version": {
"version_data": [
{
"version_value": "rpm 4.17.0-alpha"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2021-2383d950fd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"name": "FEDORA-2021-8d52a8a999",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "FEDORA-2021-662680e477",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1927747",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927747"
},
{
"name": "GLSA-202107-43",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-43"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3421",
"datePublished": "2021-05-19T13:40:58",
"dateReserved": "2021-03-03T00:00:00",
"dateUpdated": "2024-08-03T16:53:17.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20266 (GCVE-0-2021-20266)
Vulnerability from nvd – Published: 2021-04-30 11:22 – Updated: 2024-08-03 17:37
VLAI?
Summary
A flaw was found in RPM's hdrblobInit() in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:37:23.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927741"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "GLSA-202107-43",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-43"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rpm",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "rpm 4.17.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in RPM\u0027s hdrblobInit() in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-20T10:07:18",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927741"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "GLSA-202107-43",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-43"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-20266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rpm",
"version": {
"version_data": [
{
"version_value": "rpm 4.17.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in RPM\u0027s hdrblobInit() in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1927741",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927741"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "GLSA-202107-43",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-43"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-20266",
"datePublished": "2021-04-30T11:22:49",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:37:23.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20271 (GCVE-0-2021-20271)
Vulnerability from nvd – Published: 2021-03-26 00:00 – Updated: 2024-08-03 17:37
VLAI?
Summary
A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:37:23.716Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934125"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21"
},
{
"name": "FEDORA-2021-2383d950fd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"name": "FEDORA-2021-8d52a8a999",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "FEDORA-2021-662680e477",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/"
},
{
"name": "GLSA-202107-43",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-43"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.starwindsoftware.com/security/sw-20220805-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rpm",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in RPM\u0027s signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934125"
},
{
"url": "https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21"
},
{
"name": "FEDORA-2021-2383d950fd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/"
},
{
"name": "FEDORA-2021-8d52a8a999",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/"
},
{
"name": "FEDORA-2021-662680e477",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/"
},
{
"name": "GLSA-202107-43",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202107-43"
},
{
"url": "https://www.starwindsoftware.com/security/sw-20220805-0002/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-20271",
"datePublished": "2021-03-26T00:00:00",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:37:23.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7500 (GCVE-0-2017-7500)
Vulnerability from nvd – Published: 2018-08-13 17:00 – Updated: 2024-08-05 16:04
VLAI?
Summary
It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege.
Severity ?
7.3 (High)
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.858Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/c815822c8bdb138066ff58c624ae83e3a12ebfa9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/f2d3be2a8741234faaa96f5fd05fdfdc75779a79"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7500"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rpm",
"vendor": "[UNKNOWN]",
"versions": [
{
"status": "affected",
"version": "4.13.0.2"
},
{
"status": "affected",
"version": "4.14.0"
}
]
}
],
"datePublic": "2017-07-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-13T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rpm-software-management/rpm/commit/c815822c8bdb138066ff58c624ae83e3a12ebfa9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rpm-software-management/rpm/commit/f2d3be2a8741234faaa96f5fd05fdfdc75779a79"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7500"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-7500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rpm",
"version": {
"version_data": [
{
"version_value": "4.13.0.2"
},
{
"version_value": "4.14.0"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "7.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/rpm-software-management/rpm/commit/c815822c8bdb138066ff58c624ae83e3a12ebfa9",
"refsource": "CONFIRM",
"url": "https://github.com/rpm-software-management/rpm/commit/c815822c8bdb138066ff58c624ae83e3a12ebfa9"
},
{
"name": "https://github.com/rpm-software-management/rpm/commit/f2d3be2a8741234faaa96f5fd05fdfdc75779a79",
"refsource": "CONFIRM",
"url": "https://github.com/rpm-software-management/rpm/commit/f2d3be2a8741234faaa96f5fd05fdfdc75779a79"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7500",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7500"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7500",
"datePublished": "2018-08-13T17:00:00",
"dateReserved": "2017-04-05T00:00:00",
"dateUpdated": "2024-08-05T16:04:11.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7501 (GCVE-0-2017-7501)
Vulnerability from nvd – Published: 2017-11-22 22:00 – Updated: 2024-09-17 00:02
VLAI?
Summary
It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Red Hat, Inc. | rpm |
Affected:
before 4.13.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201811-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rpm",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "before 4.13.0.2"
}
]
}
],
"datePublic": "2017-05-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T14:06:43",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "GLSA-201811-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2017-05-18T00:00:00",
"ID": "CVE-2017-7501",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rpm",
"version": {
"version_data": [
{
"version_value": "before 4.13.0.2"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201811-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"name": "https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc",
"refsource": "MISC",
"url": "https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7501",
"datePublished": "2017-11-22T22:00:00Z",
"dateReserved": "2017-04-05T00:00:00",
"dateUpdated": "2024-09-17T00:02:20.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}