Fedora 43 : apt / python-apt (2026-1c47e433df)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-1c47e433df advisory. Update to latest upstream release apt 3.1.15 and python-apt 3.1.0 ---- Update to latest upstream release apt 3.1.15, also fix build problem with previous...

EUVD-2018-1323

Malware in sbrugna...

Advanced Package Tool Remote Code Execution (CVE-2019-3462)

A remote code execution vulnerability exists in Advanced Package Tool. The vulnerability is due to lack of sanitation on Location headers in HTTP responses. Successful exploitation could result in installation and execution of altered packages...

Linux apt/apt-get Remote Code Execution Vulnerability

Linux is a free-to-use and freely distributed Unix-like operating system, a multi-user, multi-tasking, multi-threaded and multi-CPU supported operating system based on POSIX and UNIX. A remote code execution vulnerability exists in Linux apt/apt-get. The vulnerability stems from apt's failure to...

BSA-2019-754

Security Advisory ID : BSA-2019-754 Component : APT Revision : 1.0: Final A vulnerability in apt could allows a network man-in-the-middle or a malicious package mirror to execute arbitrary code as root on a machine installing any package. The bug has been fixed in the latest versions of apt. If...

UBUNTU-CVE-2018-0501

The mirror:// method implementation in Advanced Package Tool APT 1.6.x before 1.6.4 and 1.7.x before 1.7.0alpha3 mishandles gpg signature verification for the InRelease file of a fallback mirror, aka mirrorfail...

PT-2018-8863 · Debian +1 · Apt +1

Name of the Vulnerable Software and Affected Versions: Advanced Package Tool APT versions 1.6.x through 1.6.3 Advanced Package Tool APT versions 1.7.x through 1.7.0alpha2 Description: The issue concerns the mirror:// method implementation in APT, which mishandles gpg signature verification for th...

Vulnerabilities of the Debian GNU/Linux operating system, which allow a remote attacker to compromise the integrity and accessibility of protected information

The multiple vulnerabilities in the Debian GNU/Linux operating system’s apt package can be exploited, leading to a violation of the integrity and accessibility of protected information. These vulnerabilities can be exploited remotely...

CVE-2012-0214

The pkgAcqMetaClearSig::Failed method in apt-pkg/acquire-item.cc in Advanced Package Tool APT 0.8.11 through 0.8.15.10 and 0.8.16 before 0.8.16exp13, when updating from repositories that use InRelease files, allows man-in-the-middle attackers to install arbitrary packages by preventing a user fro...

DEBIAN-CVE-2012-0214

The pkgAcqMetaClearSig::Failed method in apt-pkg/acquire-item.cc in Advanced Package Tool APT 0.8.11 through 0.8.15.10 and 0.8.16 before 0.8.16exp13, when updating from repositories that use InRelease files, allows man-in-the-middle attackers to install arbitrary packages by preventing a user fro...

PT-2014-2155 · Debian · Apt

Name of the Vulnerable Software and Affected Versions: apt versions prior to 0.8.11 Description: The issue allows man-in-the-middle attackers to obtain repository credentials via unspecified vectors when the certificate host name fails validation and Verify-Host is enabled. Recommendations: For...