CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
2Canonical Module Signature Project2Module Signature Ubuntu LinuxNov 21, 2024 Nov 29, 2019 N/A· v4 7.5 HIGH· v3 6.4 MEDIUM· v2 The PGP signature parsing in Module::Signature before 0.74 allows remote attackers to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors. |
2Canonical Module Signature Project2Module Signature Ubuntu LinuxMay 6, 2026 May 19, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 Untrusted search path vulnerability in Module::Signature before 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff modul...Show more |
2Canonical Module Signature Project2Module Signature Ubuntu LinuxMay 6, 2026 May 19, 2015 N/A· v4 N/A· v3 10.0 HIGH· v2 Module::Signature before 0.74 allows remote attackers to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest. |
2Canonical Module Signature Project2Module Signature Ubuntu LinuxMay 6, 2026 May 19, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Module::Signature before 0.74 allows remote attackers to bypass signature verification for files via a signature file that does not list the files. |