GPG Signature Verification Vulnerability in Simple Streams (simplestreams)

GPG Signature Verification Vulnerability in Simple Streams (simplestreams)

CVE-2015-1337 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Simple Streams (simplestreams) does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 (aka Forbidden) response.

Learn more about our Cis Benchmark Audit For Server Software.