Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2012-6088

The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 does not return an error code in certain situations involving an "unparseable signature," which allows remote attackers to bypass RPM signature checks via a crafted package.

  • Published: Jan 18, 2013
  • Updated: Apr 13, 2023
  • CVE: CVE-2012-6088
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

Software From Fixed in
rpm / rpm 4.10.0 4.10.0.x
rpm / rpm 4.10.1 4.10.1.x