Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The default --checksig setting in RPM Package Manager 4.0.4 checks that a package's signature is valid without listing who signed it, which can allow remote attackers to make it appear that a malicious package comes from a trusted source.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RPM Package Manager签名验证用户反馈不足的漏洞
Vulnerability Description
RPM Package Manager 4.0.4版本的默认--checksig设置不用列出签名者就检测包的签名是有效的,远程攻击者使其看起来是一个来自于值得信赖的源的恶意包。
CVSS Information
N/A
Vulnerability Type
N/A