CVE-2015-0840 in dpkginfo

Summary

The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file (.dsc).

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

01/07/2015

Disclosure

04/13/2015

Moderation

VulDB entry created

Entries

VDB-74795 (1)

CPE

ready

CWE

CWE-284 (Confirmed)

CVSS

6.5

EPSS

0.00647

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-0840
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-0840
CVE Details	https://www.cvedetails.com/cve/CVE-2015-0840/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!