Redhat: >> Redhat Package Manager >> 4.0.4 Security Vulnerabilities
The default --checksig setting in RPM Package Manager 4.0.4 checks that a package's signature is valid without listing who signed it, which can allow remote attackers to make it appear that a malicious package comes from a trusted source.
CVSS Score
7.5
EPSS Score
0.007
Published
2002-12-31