CVE-2013-1051
published 2013-03-21CVE-2013-1051: apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before…
medium4.3CVSS 3.1
AVNACMAuNCNIPAN
apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | advanced_package_tool | — | — |
| debian | apt | < apt 0.9.7.8 (bookworm) | apt 0.9.7.8 (bookworm) |
| debian | apt | — | — |
| debian | apt | >= 0 < 0.9.7.8 | 0.9.7.8 |
| debian | apt | >= 0 < 0.9.7.8 | 0.9.7.8 |
| debian | apt | >= 0 < 0.9.7.8 | 0.9.7.8 |
| debian | apt | >= 0 < 0.9.7.8 | 0.9.7.8 |
CVSS provenance
nvd4.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv4.3MEDIUM