---

ASA-202104-6 - log back

ASA-202104-6 edited at 29 Apr 2021 21:42:04

Impact

- An attacker can perform a man-in-the-middle to inject malicious package dependencies to a client. In addition, a malicious packager can execute arbitrary code on the affected client by providing a maliciously-crafted package metadata file. + An attacker can perform a man-in-the-middle to inject malicious package dependencies to a client. In addition, a malicious packager can execute arbitrary code on the affected client by providing a maliciously- crafted package metadata file.

ASA-202104-6 edited at 29 Apr 2021 15:25:32
Impact	+ An attacker can perform a man-in-the-middle to inject malicious package dependencies to a client. In addition, a malicious packager can execute arbitrary code on the affected client by providing a maliciously-crafted package metadata file.

ASA-202104-6 created at 29 Apr 2021 15:24:03