Package impact
PyPI / portage
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2013-2100 | critical | — | 9.3 | 12y ago | Gentoo Portage does not verify X.509 certificates from SSL servers | |
| CVE-2016-20021 | unknown | — | — | 2y ago | In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-w… |