1 results (0.001 seconds)
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0
CVE-2019-12875
https://notcve.org/view.php?id=CVE-2019-12875
Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key. Alpine Linux abuild hasta 3.4.0 permite a un miembro sin privilegios del grupo abuild agregar un paquete no seguro a través de una opción --keys-dir que provoca la aceptación de una clave de firma no segura • https://code.foxkit.us/adelie/packages/commit/15b160780c6eeff7048063c099a7f8757e1d8391 https://github.com/sroracle/abuild/commit/4f90ce92778d0ee302e288def75591b96a397c8b https://security.netapp.com/advisory/ntap-20190625-0005 • CWE-668: Exposure of Resource to Wrong Sphere CWE-862: Missing Authorization •