CVE-2011-1829 in APTinfo

Summary

APT before 0.8.15.2 does not properly validate inline GPG signatures, which allows man-in-the-middle attackers to install modified packages via vectors involving lack of an initial clearsigned message.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

04/27/2011

Disclosure

07/26/2011

Moderation

VulDB entry created

Entries

VDB-58090 (1)

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

5.3

EPSS

0.00145

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-1829
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-1829
CVE Details	https://www.cvedetails.com/cve/CVE-2011-1829/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!