Endpoint Vulnerability

RHSA-2020:5012: librepo security update (Moderate)

Description

The librepo library provides a C and Python API to download repository metadata. Security Fix(es): * librepo: missing path validation in repomd.xml may lead to directory traversal (CVE-2020-14352) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

librepo

References

CVE-2020-14352,