Lucene search
PRIOn knowledge basePRION:CVE-2019-15795HistoryMar 26, 2020 - 1:15 p.m.
Design/Logic Flaw
2020-03-2613:15:00
PRIOn knowledge base
www.prio-n.com
3
python-apt only checks the MD5 sums of downloaded files in Version.fetch_binary() and Version.fetch_source() of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle attack which could potentially be used to install altered packages and has been fixed in versions 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5.
Related
osv
osv
python-apt Flawed Package Integrity Check
2022-05-24 17:12:47
python-apt - security update
2020-01-23 00:00:00
python-apt - security update
2020-01-23 00:00:00
cve
cve
CVE-2019-15795
2020-03-26 13:15:12
debiancve
debiancve
CVE-2019-15795
2020-03-26 13:15:12
cvelist
cvelist
CVE-2019-15795 python-apt uses MD5 for validation
2019-08-06 00:00:00
github
github
python-apt Flawed Package Integrity Check
2022-05-24 17:12:47
nvd
nvd
CVE-2019-15795
2020-03-26 13:15:12
ubuntucve
ubuntucve
CVE-2019-15795
2020-01-20 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2074-1)
2020-01-24 00:00:00
Ubuntu: Security Advisory (USN-4247-2)
2020-01-23 00:00:00
Ubuntu: Security Advisory (USN-4247-3)
2022-08-26 00:00:00
debian
debian
[SECURITY] [DSA 4609-1] python-apt security update
2020-01-23 22:03:59
[SECURITY] [DLA 2074-1] python-apt security update
2020-01-23 21:03:46
ubuntu
ubuntu
python-apt vulnerabilities
2020-01-22 00:00:00
python-apt vulnerabilities
2020-01-23 00:00:00
python-apt regression
2020-01-22 00:00:00
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS : python-apt regression (USN-4247-2)
2020-01-23 00:00:00
Debian DSA-4609-1 : python-apt - security update
2020-01-27 00:00:00
Debian DLA-2074-1 : python-apt security update
2020-01-24 00:00:00
cloudfoundry
cloudfoundry
USN-4247-2: python-apt regression | Cloud Foundry
2020-02-12 00:00:00
USN-4247-1: python-apt vulnerabilities | Cloud Foundry
2020-02-12 00:00:00