cvedb.io
CVE-2021-41067
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2021-12-14T16:15:09.103 · Last modified 2026-06-17T04:07:48.870

Summary

An issue was discovered in Listary through 6. Improper implementation of the update process leads to the download of software updates with a /check-update HTTP-based connection. This can be exploited with MITM techniques. Together with the lack of package validation, it can lead to manipulation of update packages that can cause an installation of malicious content.

Affected products

listary — listary

Does this affect you?

Add your gear to cvedb and we'll alert you only when listary ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.