N/A

A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.

N/A

密码学签名的验证不恰当

Red Hat Package Manager 数据伪造问题漏洞

Red Hat Package Manager是美国Red Hat公司的一种用于互联网下载包的打包及安装工具。它包含在某些Linux分发版中。它生成具有.RPM扩展名的文件。与Dpkg类似。 Red Hat Package Manager 存在数据伪造问题漏洞，该漏洞源于RPM包的读取功能。

N/A

N/A