3 matches found
DEBIAN-CVE-2020-16122
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages...
Advanced Packaging Tools Data Forgery Issue Vulnerability
Advanced Packaging Tools APT is a package manager that automatically downloads, configures, and installs packages in binary or source code format. There is a data forgery problem vulnerability in apt-key in APT, which can be exploited by an attacker to execute a man-in-the-middle attack...
USN-3863-1 apt vulnerability
Max Justicz discovered that APT incorrectly handled certain parameters during redirects. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could potentially be used to install altered packages...