← CVECheck
HomeVulnerabilities

CVE-2003-0546 — HIGH severity vulnerability (up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG si)

up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised.

CVE IDCVE-2003-0546
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2003-08-27
Last modified2026-04-16
Descriptionup2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →