GPG Signature Verification Vulnerability in Simple Streams (simplestreams)
CVE-2015-1337 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
Simple Streams (simplestreams) does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 (aka Forbidden) response.
Learn more about our Cis Benchmark Audit For Server Software.