CVE-2020-27351

🗓️ 10 Dec 2020 04:05:18Reported by canonicalType

Various memory and file descriptor leaks found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc aka GHSL-2020-170

Reporter	Title	Published	Views	Family All 27
Cloud Foundry	USN-4668-1: python-apt vulnerability \| Cloud Foundry	12 Jan 202100:00	–	cloudfoundry
Circl	CVE-2020-27351	10 Dec 202007:33	–	circl
CNNVD	Python-apt Security Vulnerabilities	10 Dec 202000:00	–	cnnvd
Cvelist	CVE-2020-27351 Various memory and file descriptor leaks in apt-python	10 Dec 202004:05	–	cvelist
Debian	[SECURITY] [DLA 2488-1] python-apt security update	9 Dec 202019:55	–	debian
Debian	[SECURITY] [DSA 4809-1] python-apt security update	9 Dec 202016:45	–	debian
Debian	[SECURITY] [DSA 4809-1] python-apt security update	9 Dec 202016:45	–	debian
Debian CVE	CVE-2020-27351	10 Dec 202004:05	–	debiancve
Tenable Nessus	Debian DSA-4809-1 : python-apt - security update	10 Dec 202000:00	–	nessus
Tenable Nessus	Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : python-apt vulnerability (USN-4668-1)	9 Dec 202000:00	–	nessus

NVD

Node

debian advanced_package_toolRange1.1.0~beta1–1.1.0~beta1ubuntu0.16.04.10

AND

canonical ubuntu_linuxMatch16.04lts

Node

debian advanced_package_toolRange1.6.5ubuntu0–1.6.5ubuntu0.4

AND

canonical ubuntu_linuxMatch18.04lts

Node

debian advanced_package_toolRange2.0.0ubuntu0–2.0.0ubuntu0.20.04.2

AND

canonical ubuntu_linuxMatch20.04lts

Node

debian advanced_package_toolRange2.1.3ubuntu1–2.1.30ubuntu1.1

AND

canonical ubuntu_linuxMatch20.10

Node

debian advanced_package_toolRange<1.8.4.2

AND

debian debian_linuxMatch10.0

[
  {
    "product": "python-apt",
    "vendor": "Canonical",
    "versions": [
      {
        "lessThan": "1.1.0~beta1ubuntu0.16.04.10",
        "status": "affected",
        "version": "1.1.0~beta1",
        "versionType": "custom"
      },
      {
        "lessThan": "1.6.5ubuntu0.4",
        "status": "affected",
        "version": "1.6.5ubuntu0",
        "versionType": "custom"
      },
      {
        "lessThan": "2.0.0ubuntu0.20.04.2",
        "status": "affected",
        "version": "2.0.0ubuntu0",
        "versionType": "custom"
      },
      {
        "lessThan": "2.1.3ubuntu1.1",
        "status": "affected",
        "version": "2.1.3ubuntu1",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
bugs	www.bugs.launchpad.net/bugs/1899193
debian	www.debian.org/security/2020/dsa-4809
usn	www.usn.ubuntu.com/usn/usn-4668-1

21 Nov 2024 05:21Current

3.4Low risk

Vulners AI Score3.4

CVSS 22.1

CVSS 3.12 - 2.8

EPSS0.00063

CWE-772