AVG-2631 log
| Package | cpanminus |
| Status | Vulnerable |
| Severity | Medium |
| Type | signature forgery |
| Affected | 1.7044-5 |
| Fixed | Unknown |
| Current | 1.7048-2 [extra] |
| Ticket | Create |
| Created | Mon Dec 13 19:27:20 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-16154 | Medium | Yes | Signature forgery | A flaw was found in the way the perl-App-cpanminus 1.7044 performed verification of package signatures stored in CHECKSUMS files. A malicious or compromised... |