Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-0022 | 1 Baseurl | 1 Yum | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package.
|
|||||
| CVE-2013-1910 | 2 Baseurl, Debian | 2 Yum, Debian Linux | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository.
|
|||||