CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2020-3810 – Debian Security Advisory 4685-1
https://notcve.org/view.php?id=CVE-2020-3810
14 May 2020 — Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files. Una falta de comprobación de entrada en las implementaciones de ar/tar de APT versiones anteriores a 2.1.2, podría resultar en una denegación de servicio al procesar archivos deb especialmente diseñados USN-4359-1 fixed a vulnerability in APT. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that A... • https://bugs.launchpad.net/bugs/1878177 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 4.7EPSS: 0%CPEs: 74EXPL: 0CVE-2019-15795 – python-apt uses MD5 for validation
https://notcve.org/view.php?id=CVE-2019-15795
23 Jan 2020 — python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle attack which could potentially be used to install altered packages and has been fixed in versions 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5. Python-apt solo comprueba las cantidades MD5 de los archivos descargados en las funciones "Version.fetch_binary()... • https://usn.ubuntu.com/4247-1 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 4.7EPSS: 0%CPEs: 74EXPL: 0CVE-2019-15796 – python-apt downloads from untrusted sources
https://notcve.org/view.php?id=CVE-2019-15796
23 Jan 2020 — Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or in `_fetch_archives()` of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5, 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5. Python-apt no comprueba si los hashes están firmados en las funciones "Version.fetch_binary()" y... • https://usn.ubuntu.com/4247-1 • CWE-287: Improper Authentication CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2CVE-2020-5202
https://notcve.org/view.php?id=CVE-2020-5202
21 Jan 2020 — apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/apt-cacher-ng/socket command-line option is passed. The cron job /etc/cron.daily/apt-cacher-ng (which is active by default) attempts this periodically. Because 3142 is an unprivileged port, any local user can try to bind to this port and will r... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2013-6049
https://notcve.org/view.php?id=CVE-2013-6049
20 Oct 2017 — apt-listbugs before 0.1.10 creates temporary files insecurely, which allows attackers to have unspecified impact via unknown vectors. apt-listbugs en versiones anteriores a la 0.1.10 crea archivos temporales de forma insegura, lo que permite que atacantes provoquen un impacto sin especificar mediante vectores desconocidos. • http://www.openwall.com/lists/oss-security/2014/02/08/5 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2014-7206 – Debian Security Advisory 3048-1
https://notcve.org/view.php?id=CVE-2014-7206
08 Oct 2014 — The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file. El comando 'changelog' en Apt anterior a 1.0.9.2 permite a usuarios locales escribir ficheros arbitrarios a través de un ataque de enlaces simbólicos en el fichero 'changelog'. Guillem Jover discovered that APT incorrectly created a temporary file when handling the changelog command. A local attacker could use this issue to overwrite arbitrary files. In the default installat... • http://secunia.com/advisories/61158 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2014-4510
https://notcve.org/view.php?id=CVE-2014-4510
06 Oct 2014 — Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng 0.7.26 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en job.cc en apt-cacher-ng 0.7.26 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de una URL manipulada. • http://anonscm.debian.org/cgit/apt-cacher-ng/apt-cacher-ng.git/diff/?id=6f08e6a3995d1bed4e837889a3945b6dc650f6ad • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.4EPSS: 0%CPEs: 5EXPL: 0CVE-2013-1051
https://notcve.org/view.php?id=CVE-2013-1051
21 Mar 2013 — apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories. apt v0.8.16, v0.9.7 y posiblemente otras versiones no trata correctamente los archivos InRelease, lo que permite man-in-the-middle atacantes para modificar los paquetes antes de la instalación a través de vectores desconocidos, posiblemente r... • http://osvdb.org/91428 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2012-0961
https://notcve.org/view.php?id=CVE-2012-0961
26 Dec 2012 — Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x before 0.8.16~exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable permissions for /var/log/apt/term.log, which allows local users to obtain sensitive shell information by reading the log file. Apt v0.8.16~exp5ubuntu13.x antes de v0.8.16~exp5ubuntu13.6, v0.8.16~exp12ubuntu10.x antes de v0.8.16v0.8.16~exp12ubuntu10.7 y v0.9.7.5ubuntu5.x antes de v0.9.7.5ubuntu5.2, tal y como se usa ... • http://osvdb.org/88380 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 1%CPEs: 180EXPL: 0CVE-2009-1358
https://notcve.org/view.php?id=CVE-2009-1358
21 Apr 2009 — apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories. apt-get in apt anterior a 0.7.21 no comprueba adecuadamente el error de codigo en gpgv, lo que hace que apt utilice un repositorio firmado con una clave que ha sido revocada o ha caducado, lo que permite a atacantes remo... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433091 •