Lucene search
+L

CVE-2019-15796

🗓️ 26 Mar 2020 13:00:21Reported by canonicalType 
cve
 cve
🔗 web.nvd.nist.gov👁 109 Views

Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` allowing downloads from unsigned repositories

Related
Detection
Affected
Refs
NVD
Node
AND
OR
ubuntupython-aptMatch0.8.0ubuntu9
ubuntupython-aptMatch0.8.1ubuntu1
ubuntupython-aptMatch0.8.3ubuntu1
ubuntupython-aptMatch0.8.3ubuntu2
ubuntupython-aptMatch0.8.3ubuntu3
ubuntupython-aptMatch0.8.3ubuntu4
ubuntupython-aptMatch0.8.3ubuntu5
ubuntupython-aptMatch0.8.3ubuntu6
ubuntupython-aptMatch0.8.3ubuntu7
ubuntupython-aptMatch0.8.3ubuntu7.1
ubuntupython-aptMatch0.8.3ubuntu7.2
ubuntupython-aptMatch0.8.3ubuntu7.3
Node
AND
OR
ubuntupython-aptMatch0.8.9.1
ubuntupython-aptMatch0.8.9.1ubuntu1
ubuntupython-aptMatch0.9.1build1
ubuntupython-aptMatch0.9.1build2
ubuntupython-aptMatch0.9.1ubuntu1
ubuntupython-aptMatch0.9.3.1
ubuntupython-aptMatch0.9.3.2
ubuntupython-aptMatch0.9.3.2ubuntu1
ubuntupython-aptMatch0.9.3.2ubuntu2
ubuntupython-aptMatch0.9.3.3
ubuntupython-aptMatch0.9.3.3ubuntu1
ubuntupython-aptMatch0.9.3.4
ubuntupython-aptMatch0.9.3.4build1
ubuntupython-aptMatch0.9.3.5
ubuntupython-aptMatch0.9.3.5ubuntu1
ubuntupython-aptMatch0.9.3.5ubuntu2
ubuntupython-aptMatch0.9.3.5ubuntu3
Node
AND
OR
ubuntupython-aptMatch1.0.1build1
ubuntupython-aptMatch1.0.1ubuntu1
ubuntupython-aptMatch1.0.1ubuntu2
ubuntupython-aptMatch1.1.0beta1
ubuntupython-aptMatch1.1.0beta1build1
ubuntupython-aptMatch1.1.0beta1ubuntu0.16.04.1
ubuntupython-aptMatch1.1.0beta1ubuntu0.16.04.2
ubuntupython-aptMatch1.1.0beta1ubuntu0.16.04.3
ubuntupython-aptMatch1.1.0beta1ubuntu0.16.04.4
ubuntupython-aptMatch1.1.0beta1ubuntu0.16.04.5
Node
AND
OR
ubuntupython-aptMatch1.4.0beta3build2
ubuntupython-aptMatch1.4.0beta3ubuntu1
ubuntupython-aptMatch1.6.0rc1
ubuntupython-aptMatch1.6.0rc2ubuntu1
ubuntupython-aptMatch1.6.0rc2ubuntu2
ubuntupython-aptMatch1.6.0rc3
ubuntupython-aptMatch1.6.3ubuntu1
Node
AND
OR
ubuntupython-aptMatch1.9.0alpha0~ubuntu1
ubuntupython-aptMatch1.9.0alpha0~ubuntu2
ubuntupython-aptMatch1.9.0ubuntu1
Node
AND
OR
ubuntupython-aptMatch1.8.0alpha0~ubuntu1
ubuntupython-aptMatch1.8.0alpha0~ubuntu2
[
  {
    "product": "Python-apt",
    "vendor": "Canonical",
    "versions": [
      {
        "lessThan": "0.8.3ubuntu7.5",
        "status": "affected",
        "version": "0.8.3",
        "versionType": "custom"
      },
      {
        "lessThan": "0.9.3.5ubuntu3+esm2",
        "status": "affected",
        "version": "0.9.3.5",
        "versionType": "custom"
      },
      {
        "lessThan": "1.1.0~beta1ubuntu0.16.04.7",
        "status": "affected",
        "version": "1.1.0",
        "versionType": "custom"
      },
      {
        "lessThan": "1.6.5ubuntu0.1",
        "status": "affected",
        "version": "1.6.5",
        "versionType": "custom"
      },
      {
        "lessThan": "1.9.0ubuntu1.2",
        "status": "affected",
        "version": "1.9.0",
        "versionType": "custom"
      },
      {
        "lessThan": "1.9.5",
        "status": "affected",
        "version": "1.9.5",
        "versionType": "custom"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 02:21Current
4.6Medium risk
Vulners AI Score4.6
CVSS 22.6
CVSS 3.14.7
EPSS0.00496
109