The signature header is not signed, but some data is extracted from it and incorporated into the RPM database. It may be possible to insert an erroneous and/or malicious OpenPGP signature into a signed package this way, and to inject strings into the RPM database that the owner of the database would not wish it to contain.

CVE-2021-3421 (https://nvd.nist.gov/vuln/detail/CVE-2021-3421)
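The entry above describes the risk in one sentence: the signature header is read and partly stored before anything about it has been verified. The following added example (not rpm's code, and not the upstream fix) shows the defender-side principle in working form: parse the RPM signature header structure, then refuse any entry that is not a known signature tag of the expected type and within bounds, so unsigned metadata cannot carry arbitrary content toward the database. The tag numbers are the public RPMSIGTAG_* values; the allow list itself, the helper names, and the two sample headers are constructed for this illustration.

```python
import struct

# RPM header preamble: 3 magic bytes, header version 1, 4 reserved bytes.
HEADER_MAGIC = b"\x8e\xad\xe8\x01\x00\x00\x00\x00"
# Index entry data types from the RPM header format.
RPM_INT32, RPM_INT64, RPM_STRING, RPM_BIN = 4, 5, 6, 7
WIDTH = {RPM_INT32: 4, RPM_INT64: 8}   # byte width (and alignment) of numeric types

# Signature-header tags a verifier is prepared to accept, with the type each
# must carry. Tag numbers are the public RPMSIGTAG_* values; the allow-list
# idea is an illustration here (assumption), not rpm's own table.
EXPECTED_SIGTAGS = {
    62:   RPM_BIN,     # HEADER_SIGNATURES region trailer
    267:  RPM_BIN,     # RPMSIGTAG_DSA
    268:  RPM_BIN,     # RPMSIGTAG_RSA
    269:  RPM_STRING,  # RPMSIGTAG_SHA1
    273:  RPM_STRING,  # RPMSIGTAG_SHA256
    1000: RPM_INT32,   # RPMSIGTAG_SIZE
    1004: RPM_BIN,     # RPMSIGTAG_MD5
    1005: RPM_BIN,     # RPMSIGTAG_GPG
}

def build_header(entries):
    """Serialise (tag, type, value) triples into a header blob. Used only to
    construct the sample input below; all values are made up."""
    data, index = bytearray(), b""
    for tag, typ, value in entries:
        while len(data) % WIDTH.get(typ, 1):   # numeric types are aligned
            data.append(0)
        off = len(data)
        if typ in WIDTH:
            data += struct.pack(">I" if typ == RPM_INT32 else ">Q", value)
            cnt = 1
        elif typ == RPM_STRING:
            data += value.encode() + b"\x00"
            cnt = 1
        else:                                  # RPM_BIN: count is byte length
            data += value
            cnt = len(value)
        index += struct.pack(">IIII", tag, typ, off, cnt)
    return HEADER_MAGIC + struct.pack(">II", len(entries), len(data)) + index + bytes(data)

def parse_header(blob):
    """Split a header blob into its index entries and its data store."""
    if blob[:8] != HEADER_MAGIC:
        raise ValueError("bad header magic")
    nindex, hsize = struct.unpack(">II", blob[8:16])
    index_end = 16 + 16 * nindex
    data = blob[index_end:index_end + hsize]
    if len(data) != hsize:
        raise ValueError("truncated header")
    entries = [struct.unpack(">IIII", blob[16 + 16 * i:32 + 16 * i])
               for i in range(nindex)]
    return entries, data

def decode_entry(entry, data):
    """Decode one index entry's value out of the data store."""
    tag, typ, off, cnt = entry
    if typ in WIDTH:
        fmt = ">%d%s" % (cnt, "I" if typ == RPM_INT32 else "Q")
        return list(struct.unpack(fmt, data[off:off + WIDTH[typ] * cnt]))
    if typ == RPM_STRING:
        return data[off:data.index(b"\x00", off)].decode("utf-8", "replace")
    if typ == RPM_BIN:
        return data[off:off + cnt]
    raise ValueError("unhandled type %d" % typ)

def check_signature_header(blob):
    """Return findings for entries a verifier should refuse to trust; an empty
    list means every entry is a known tag, of the expected type, in bounds."""
    findings = []
    entries, data = parse_header(blob)
    for tag, typ, off, cnt in entries:
        if tag not in EXPECTED_SIGTAGS:
            findings.append("unexpected tag %d (type %d)" % (tag, typ))
        elif typ != EXPECTED_SIGTAGS[tag]:
            findings.append("tag %d has type %d, expected %d"
                            % (tag, typ, EXPECTED_SIGTAGS[tag]))
        elif typ == RPM_STRING and (cnt != 1 or data.find(b"\x00", off) < 0):
            findings.append("tag %d string is not NUL-terminated" % tag)
        elif off + WIDTH.get(typ, 1) * cnt > len(data):
            findings.append("tag %d data runs past the data store" % tag)
    return findings

# Constructed sample: a well-formed signature header ...
GOOD_SIGHDR = build_header([
    (1000, RPM_INT32, 4096),
    (1004, RPM_BIN, bytes(range(16))),
    (269, RPM_STRING, "0" * 40),
])
# ... and a tampered one: the size tag's type swapped to a string, plus a tag
# no signature header should carry, smuggling text toward the database.
TAMPERED_SIGHDR = build_header([
    (1000, RPM_STRING, "not a number"),
    (1004, RPM_BIN, bytes(range(16))),
    (269, RPM_STRING, "0" * 40),
    (4242, RPM_STRING, "text the database owner never asked for"),
])

if __name__ == "__main__":
    print("good:", check_signature_header(GOOD_SIGHDR))
    print("tampered:", check_signature_header(TAMPERED_SIGHDR))
```

The point of the allow list is that the signature header is trusted for nothing beyond the handful of tags a verifier actually needs to check the package; every other entry is rejected before it is decoded, let alone stored. Running the script prints no findings for the well-formed header and two for the tampered one (the mistyped size tag and the foreign tag).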