ALT Vulnerability

oval/c9f2/ALT-PU-2024-13289/definitions.json

@@ -38,7 +38,7 @@
         "Description": "This update upgrades perl-App-cpanminus to version 1.9019-alt1. \nSecurity Fix(es):\n\n * CVE-2020-16154: The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass.\n\n * CVE-2024-45321: The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers.",
         "Advisory": {
           "From": "errata.altlinux.org",
-          "Severity": "Critical",
+          "Severity": "High",
           "Rights": "Copyright 2024 BaseALT Ltd.",
           "Issued": {
             "Date": "2024-10-02"
@@ -59,10 +59,10 @@
             },
             {
               "ID": "CVE-2024-45321",
-              "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+              "CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
               "CWE": "CWE-494",
               "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-45321",
-              "Impact": "Critical",
+              "Impact": "High",
               "Public": "20240827"
             }
           ],