Description
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
| Release | Status | Note |
|---|---|---|
| bionic | released | 1.6.6ubuntu0.1 |
| cosmic | released | 1.7.0ubuntu0.1 |
| devel | released | 1.8.0~alpha3.1 |
| esm-infra-legacy/trusty | released | 1.0.1ubuntu2.19 |
| esm-infra/bionic | released | 1.6.6ubuntu0.1 |
| esm-infra/xenial | released | 1.2.29ubuntu0.1 |
| precise/esm | not-affected | 0.8.16~exp12ubuntu10.28 |
| trusty | released | 1.0.1ubuntu2.19 |
| trusty/esm | released | 1.0.1ubuntu2.19 |
| upstream | needs-triage | |
EPSS
CVSS2: 9.3 Critical
CVSS3: 8.1 High
Related vulnerabilities
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
Incorrect sanitation of the 302 redirect field in HTTP transport metho ...
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
A vulnerability in the apt software related to improper sanitization of the redirect field, allowing an attacker to execute remote code on the target machine