Vulnerabilities (CVE)

Filtered by vendor Baseurl Subscribe
Filtered by product Yum
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-0022 1 Baseurl 1 Yum 2024-11-21 5.0 MEDIUM N/A
The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package.
CVE-2013-1910 2 Baseurl, Debian 2 Yum, Debian Linux 2024-11-21 7.5 HIGH 9.8 CRITICAL
yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository.