CVE-2011-3374
published 2019-11-26CVE-2011-3374: It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.
low3.7CVSS 3.1
AVNACHPRNUINSUCNILAN
It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apt | apt | — | — |
| debian | apt | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
CVSS provenance
nvdv3.13.7LOWCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
osv3.7LOW