1 results (0.002 seconds)
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12875
https://notcve.org/view.php?id=CVE-2019-12875
18 Jun 2019 — Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key. Alpine Linux abuild hasta 3.4.0 permite a un miembro sin privilegios del grupo abuild agregar un paquete no seguro a través de una opción --keys-dir que provoca la aceptación de una clave de firma no segura • https://code.foxkit.us/adelie/packages/commit/15b160780c6eeff7048063c099a7f8757e1d8391 • CWE-668: Exposure of Resource to Wrong Sphere CWE-862: Missing Authorization •