In libzypp prior to 20170803 it was possible to retrieve unsigned packages without a warning to the user which could lead to man in the middle or malicious servers to inject malicious RPM packages into a users system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse libzypp |