MidnightBSD

Advisories for simpestreams_project

CVE-2015-1337 MEDIUM

Simple Streams (simplestreams) does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 (aka Forbidden) response.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
simpestreams_project simplestreams -
canonical ubuntu_linux 15.04
canonical ubuntu_linux 14.04