Описание
apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 0.9.7.7ubuntu3 |
| hardy | not-affected | |
| lucid | not-affected | |
| oneiric | released | 0.8.16~exp5ubuntu13.7 |
| precise | released | 0.8.16~exp12ubuntu10.10 |
| quantal | released | 0.9.7.5ubuntu5.4 |
| upstream | needs-triage |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories.
apt 0.8.16, 0.9.7, and possibly other versions does not properly handl ...
apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories.
EPSS
4.3 Medium
CVSS2