CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-1337

Simple Streams (simplestreams) does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 (aka Forbidden) response.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.5%

CVSS Severity

CVSS v2 Score 6.8

References

http://www.ubuntu.com/usn/USN-2746-1
http://www.ubuntu.com/usn/USN-2746-2
https://bugs.launchpad.net/ubuntu/%2Bsource/simplestreams/%2Bbug/1487004
http://www.ubuntu.com/usn/USN-2746-1
http://www.ubuntu.com/usn/USN-2746-2
https://bugs.launchpad.net/ubuntu/%2Bsource/simplestreams/%2Bbug/1487004

Products affected by CVE-2015-1337

Simpestreams Project » Simplestreams » Version: N/A

cpe:2.3:a:simpestreams_project:simplestreams:-
Canonical » Ubuntu Linux » Version: 14.04

cpe:2.3:o:canonical:ubuntu_linux:14.04
Canonical » Ubuntu Linux » Version: 15.04

cpe:2.3:o:canonical:ubuntu_linux:15.04

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-1337

Products

Pricing

Contact Us