Security Advisory

CVE-2014-0022

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-01-26 11:00:00

Last updated 2024-08-06 08:58:26

Assigner redhat

State PUBLISHED

Description

The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package.

← Browse all CVEs View on cve.org ↗