CVE-2017-7435

In libzypp before 20170803 it was possible to add unsigned YUM repositories without warning to the user that could lead to man in the middle or malicious servers to inject malicious RPM packages into a users system.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:opensuse:libzypp:*:*:*:*:*:*:*:*

Information

Published : 2018-03-01 12:29

Updated : 2019-10-09 16:29


NVD link : CVE-2017-7435

Mitre link : CVE-2017-7435


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

opensuse

  • libzypp