| Max CVSS | 10.0 | Min CVSS | 4.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-8118 | 10.0 |
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.
|
13-02-2023 - 00:42 | 16-12-2014 - 18:59 | |
| CVE-2013-6435 | 7.6 |
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the
|
13-02-2023 - 00:29 | 16-12-2014 - 18:59 | |
| CVE-2017-7501 | 4.6 |
It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location a
|
29-06-2021 - 15:15 | 22-11-2017 - 22:29 |