Add CVE-2020-16154/cpanminus

author: Salvatore Bonaccorso <carnil@debian.org> 2021-11-24 06:18:57 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-11-24 06:20:01 +0100
commit: 17edc3ac9ac2b791ec2c8dd2039ce424e825f36d (patch)
tree: 5da138a3ffc49802540326f52870c6105a022a0e /data/CVE/list.2020
parent: f230ab07d7612b11efe1f0ba2dac350cea7e2fe9 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index c333cfabe5..a8ac961ca5 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -33714,8 +33714,11 @@ CVE-2020-16156
 	RESERVED
 CVE-2020-16155
 	RESERVED
-CVE-2020-16154
+CVE-2020-16154 [Signature Verification Bypass]
 	RESERVED
+	- cpanminus <unfixed>
+	NOTE: https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
+	NOTE: http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
 CVE-2020-16153
 	RESERVED
 CVE-2020-16152 (The NetConfig UI administrative interface in Extreme Networks ExtremeW ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2021-11-24 06:18:57 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-11-24 06:20:01 +0100
commit	17edc3ac9ac2b791ec2c8dd2039ce424e825f36d (patch)
tree	5da138a3ffc49802540326f52870c6105a022a0e /data/CVE/list.2020
parent	f230ab07d7612b11efe1f0ba2dac350cea7e2fe9 (diff)