Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2013-3704

The RPM GPG key import and handling feature in libzypp 12.15.0 and earlier reports a different key fingerprint than the one used to sign a repository when multiple key blobs are used, which might allow remote attackers to trick users into believing that the repository was signed by a more-trustworthy key.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.4%
CVSS Severity
CVSS v2 Score 4.3
Products affected by CVE-2013-3704
  • Novell » Libzypp » Version: 11.2
    cpe:2.3:a:novell:libzypp:11.2
  • Novell » Libzypp » Version: 11.3
    cpe:2.3:a:novell:libzypp:11.3
  • Novell » Libzypp » Version: 11.4
    cpe:2.3:a:novell:libzypp:11.4
  • Novell » Libzypp » Version: 12.1
    cpe:2.3:a:novell:libzypp:12.1
  • Novell » Libzypp » Version: 12.15.0
    cpe:2.3:a:novell:libzypp:12.15.0
  • Novell » Libzypp » Version: 12.2
    cpe:2.3:a:novell:libzypp:12.2
  • Novell » Libzypp » Version: 12.3
    cpe:2.3:a:novell:libzypp:12.3


Products
Pricing
Contact Us

Shodan ® - All rights reserved