Known Vulnerabilities for Advanced Package Tool by Debian
Listed below are 10 of the newest known vulnerabilities associated with "Advanced Package Tool" by "Debian".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-27351 json | Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, a... | 2.8 - LOW | 2020-12-10 | 2020-12-14 |
| CVE-2020-27350 json | APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-p... | 5.7 - MEDIUM | 2020-12-10 | 2022-10-29 |
| CVE-2019-3462 json | Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content... | 8.1 - HIGH | 2019-01-28 | 2023-11-07 |
| CVE-2018-0501 json | The mirror:// method implementation in Advanced Package Tool (APT) 1.6.x before 1.6.4 and 1.7.x before 1.7.0~alpha3 mishandle... | 5.9 - MEDIUM | 2018-08-21 | 2019-01-17 |
| CVE-2016-1252 json | The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable before 1.4~beta2, in Ubuntu 14.04 LTS before 1.0.1ubunt... | 5.9 - MEDIUM | 2017-12-05 | 2020-08-14 |
| CVE-2014-7206 json | The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the change... | 3.6 - LOW | 2014-10-15 | 2020-01-08 |
| CVE-2014-6273 json | Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and earlier allows man-in-the-middle attackers to cause a ... | 6.8 - MEDIUM | 2014-09-30 | 2020-01-08 |
| CVE-2014-0490 json | The apt-get download command in APT before 1.0.9 does not properly validate signatures for packages, which allows remote atta... | 7.5 - HIGH | 2014-11-03 | 2020-01-08 |
| CVE-2014-0489 json | APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums, which allows remote attackers... | 7.5 - HIGH | 2014-11-03 | 2020-01-08 |
| CVE-2014-0488 json | APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allo... | 6.8 - MEDIUM | 2014-11-03 | 2020-01-08 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Debian | Advanced Package Tool | 1.9.4 | |||
| Application | Debian | Advanced Package Tool | 1.9.3 | |||
| Application | Debian | Advanced Package Tool | 1.9.2 | |||
| Application | Debian | Advanced Package Tool | 1.9.1 | |||
| Application | Debian | Advanced Package Tool | 1.9.0 | |||
| Application | Debian | Advanced Package Tool | 1.8.4 | |||
| Application | Debian | Advanced Package Tool | 1.8.3 | |||
| Application | Debian | Advanced Package Tool | 1.8.2 | |||
| Application | Debian | Advanced Package Tool | 1.8.1 | |||
| Application | Debian | Advanced Package Tool | 1.8.0 | |||
| Application | Debian | Advanced Package Tool | 1.8.0 | |||
| Application | Debian | Advanced Package Tool | 1.8.0 | |||
| Application | Debian | Advanced Package Tool | 1.8.0 | |||
| Application | Debian | Advanced Package Tool | 1.8.0 | |||
| Application | Debian | Advanced Package Tool | 1.8.0 | |||
| Application | Debian | Advanced Package Tool | 1.8.0 | |||
| Application | Debian | Advanced Package Tool | 1.8.0 | |||
| Application | Debian | Advanced Package Tool | 1.8.0 | |||
| Application | Debian | Advanced Package Tool | 1.8.0 | |||
| Application | Debian | Advanced Package Tool | 1.7.5 |