Lucene search
GoogleOSV:CVE-2018-7685HistoryAug 31, 2018 - 3:29 p.m.
CVE-2018-7685
2018-08-3115:29:00
Google
osv.dev
7
The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download.
Related
nessus
nessus
Fedora 27 : libzypp / zypper (2018-ec9bc84fda)
2018-09-17 00:00:00
openSUSE Security Update : libzypp / zypper (openSUSE-2018-1054)
2018-09-27 00:00:00
openSUSE Security Update : libzypp / zypper (openSUSE-2019-685)
2019-03-27 00:00:00
ubuntucve
ubuntucve
CVE-2018-7685
2018-08-31 00:00:00
openvas
openvas
Fedora Update for zypper FEDORA-2018-ec9bc84fda
2018-09-17 00:00:00
Fedora Update for libzypp FEDORA-2018-ec9bc84fda
2018-09-17 00:00:00
openSUSE: Security Advisory for libzypp (openSUSE-SU-2018:2881-1)
2018-09-27 00:00:00
nvd
nvd
CVE-2018-7685
2018-08-31 15:29:00
fedora
fedora
[SECURITY] Fedora 27 Update: zypper-1.13.45-1.fc27
2018-09-17 03:07:38
[SECURITY] Fedora 27 Update: libzypp-16.17.20-1.fc27
2018-09-17 03:07:38
prion
prion
Design/Logic Flaw
2018-08-31 15:29:00
debiancve
debiancve
CVE-2018-7685
2018-08-31 15:29:00
cve
cve
CVE-2018-7685
2018-08-31 15:29:00
suse
suse
Security update for libzypp, zypper (important)
2018-09-26 18:22:31
Security update for libzypp, zypper (important)
2018-09-17 12:07:59
cvelist
cvelist
CVE-2018-7685 libzypp does not reevaluate malicious rpms once downloaded
2018-08-31 15:00:00
osv
osv
libzypp-17.28.4-1.2 on GA media
2024-06-15 00:00:00