Опубликовано: 26 нояб. 2019
Источник: ubuntu
Приоритет: critical
EPSS Низкий
CVSS2: 4.3
CVSS3: 3.7
Описание
It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 0.8.16~exp5ubuntu11 |
| hardy | released | 0.7.9ubuntu17.3 |
| lucid | released | 0.7.25.3ubuntu9.7 |
| maverick | released | 0.8.3ubuntu7.2 |
| natty | released | 0.8.13.2ubuntu4.2 |
| upstream | not-affected | net-update not enabled by debian |
Показывать по
10
EPSS
Процентиль: 81%
0.01509
Низкий
4.3 Medium
CVSS2
3.7 Low
CVSS3
Связанные уязвимости
CVSS3: 3.7
nvd
около 6 лет назад
It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.
CVSS3: 3.7
debian
около 6 лет назад
It was found that apt-key in apt, all versions, do not correctly valid ...
CVSS3: 3.7
github
почти 4 года назад
It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.
EPSS
Процентиль: 81%
0.01509
Низкий
4.3 Medium
CVSS2
3.7 Low
CVSS3