pkg:Debian/apt

All known vulnerabilities

• HIGH8.1CVE-2019-3462apt - security update
  from 0, < 1.4.9
• HIGH8.1CVE-2019-3462apt - security update
  from 0, < 1.0.9.8.5
• HIGH8.1CVE-2019-3462apt - security update
  from 0, < 1.8.0~alpha3.1
• MEDIUM5.9The mirror:// method implementation in Advanced Package Tool (APT) 1.6.x before 1.6.4 and 1.7.x before 1.7.0~alpha3 mishandles gpg signatur…
  from 0, < 1.6.4
• MEDIUM5.9apt - security update
  from 0, < 1.4~beta2
• MEDIUM5.9apt - security update
  from 0, < 1.0.9.8.4
• MEDIUM5.7apt - security update
  from 0, < 1.8.2.2
• MEDIUM5.7apt - security update
  from 0, < 2.1.13
• MEDIUM5.7apt - security update
  from 0, < 1.4.11
• MEDIUM5.5apt - security update
  from 0, < 2.1.2
• MEDIUM5.5apt - security update
  from 0, < 1.4.10
• MEDIUM5.5apt - security update
  from 0, < 1.0.9.8.6
• LOW3.7It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-t…
  from 0
• —The apt-get download command in APT before 1.0.9 does not properly validate signatures for packages, which allows remote attackers to execu…
  from 0, < 0.9.12
• —APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums, which allows remote attackers to execute ar…
  from 0, < 1.0.9
• —APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote atta…
  from 0, < 1.0.9
• —apt - security update
  from 0, < 0.9.7.9+deb7u3
• —apt - security update
  from 0, < 1.0.9
• —apt - security update
  from 0, < 0.8.10.3+squeeze3
• —apt - security update
  from 0, < 1.0.9.2
• —apt - security update
  from 0, < 0.9.7.9+deb7u6
• —apt - security update
  from 0, < 0.9.7.9+deb7u5
• —apt - security update
  from 0, < 1.0.3
• —apt - security update
  from 0, < 0.8.10.3+squeeze5
• —apt - security update
  from 0, < 1.0.4
• —apt - security update
  from 0, < 0.9.7.9+deb7u2
• —The pkgAcqMetaClearSig::Failed method in apt-pkg/acquire-item.cc in Advanced Package Tool (APT) 0.8.11 through 0.8.15.10 and 0.8.16 before…
  from 0, < 0.8.15.10
• —apt - security update
  from 0, < 0.8.11
• —apt - security update
  from 0, < 0.8.10.3+squeeze2
• —apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify…
  from 0, < 0.9.7.8
• —Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x before 0.8.16~exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0…
  from 0, < 0.9.7.7
• —APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and d…
  from 0, < 0.7.25
• —APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and d…
  from 0, < 0.7.25
• —APT before 0.8.15.2 does not properly validate inline GPG signatures, which allows man-in-the-middle attackers to install modified packages…
  from 0, < 0.8.15.2
• —apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when…
  from 0, < 0.7.21
• —apt - several vulnerabilities
  from 0, < 0.6.46.4-0.1+etch1
• —apt - several vulnerabilities
  from 0, < 0.7.20.2+squeeze1
• —apt - several vulnerabilities
  from 0, < 0.7.21