vulnerability
Red Hat: CVE-2011-2515: PackageKit: installs unsigned RPM packages as though they were signed
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | Nov 27, 2019 | Jul 9, 2025 | Jul 9, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Nov 27, 2019
Added
Jul 9, 2025
Modified
Jul 9, 2025
Description
PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.
Solution
no-fix-redhat-rpm-package
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.