CVE-2015-1337 in Simple Streamsinfo

Summary

Simple Streams (simplestreams) does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 (aka Forbidden) response.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

01/22/2015

Disclosure

10/09/2015

Moderation

VulDB entry created

Entries

1: VDB-78300

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

4.8

EPSS

0.00334

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-1337
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-1337
CVE Details	https://www.cvedetails.com/cve/CVE-2015-1337/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!