CVE-2015-1337
N/A
N/A
Summary
Simple Streams (simplestreams) does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 (aka Forbidden) response.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.ubuntu.com/usn/USN-2746-1
- http://www.ubuntu.com/usn/USN-2746-2
- https://bugs.launchpad.net/ubuntu/%2Bsource/simplestreams/%2Bbug/1487004
References
- http://www.ubuntu.com/usn/USN-2746-1
- http://www.ubuntu.com/usn/USN-2746-2
- https://bugs.launchpad.net/ubuntu/%2Bsource/simplestreams/%2Bbug/1487004
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.