Advanced Package Tool@0.7.20 Security Vulnerabilities and Issues — Advanced Package Tool@0.7.20 CVE List

Lucene search

DebianAdvanced Package Tool0.7.20

3 matches found

CVE•added 2009/04/16 3:12 p.m.•68 views

CVE-2009-1300

apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight.

10CVSS6.5AI score0.01081EPSS

CVE•added 2012/06/19 8:55 p.m.•62 views

CVE-2012-0954

APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install altered packages via a man-in-the-middle (MITM) attack. NOTE: this vulnerability exists...

2.6CVSS6.5AI score0.0037EPSS

CVE•added 2012/06/19 8:55 p.m.•49 views

CVE-2012-3587

APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install Trojan horse packages via a man-in-the-middle (MITM) attack.

2.6CVSS6.5AI score0.00146EPSS