6 matches found
CVE-2020-27350
Public technical details (affected package internals, exploit vectors, and fixes) for CVE-2020-27350 are not provided in the connected documents. The materials reference advisories but do not disclose root cause or remediation specifics; monitor for updates.
CVE-2020-27351
CVE-2020-27351 involves memory and file descriptor leaks in the apt-python components used by python-apt (python/arfile.cc, python/tag.cc, python/tarfile.cc). Affected packages include python-apt with listed Ubuntu/Debian release variants (e.g., 1.1.0~beta1ubuntu0.16.04.10; 1.6.5ubuntu0; 2.0.0ubu...
CVE-2019-3462
CVE-2019-3462 affects apt 1.4.8 and earlier due to incorrect sanitation of the 302 redirect field in the HTTP transport, enabling content injection by a MITM attacker and potentially leading to remote code execution. Public docs confirm the flaw is in apt’s redirect handling and that exploitation...
CVE-2011-3374
CVE-2011-3374 : Apt-key in apt (all versions) does not correctly validate GPG keys with the master keyring, enabling a potential man-in-the-middle attack. The IBM/X-Force bulletin for CVE-2011-3374 (linked in the connected docs) confirms the vulnerability and lists CWE-347 (Improper Verification ...
CVE-2016-1252
CVE-2016-1252 affects the apt package in Debian (Jessie before 1.0.9.8.4) and in Ubuntu (14.04 LTS before 1.0.1ubuntu2.17, 16.04 LTS before 1.2.15ubuntu0.2, 16.10 before 1.3.2ubuntu0.1; Debian unstable before 1.4~beta2). It permits MITM attackers to bypass repository-signing protection by exploit...
CVE-2011-1829
CVE-2011-1829 affects apt (