2.6
CVE-2012-3587
- EPSS 0.16%
- Published 19.06.2012 20:55:08
- Last modified 11.04.2025 00:51:21
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install Trojan horse packages via a man-in-the-middle (MITM) attack.
Data is provided by the National Vulnerability Database (NVD)
Debian ≫ Advanced Package Tool Version0.7.0
Debian ≫ Advanced Package Tool Version0.7.1
Debian ≫ Advanced Package Tool Version0.7.2
Debian ≫ Advanced Package Tool Version0.7.2-0.1
Debian ≫ Advanced Package Tool Version0.7.10
Debian ≫ Advanced Package Tool Version0.7.11
Debian ≫ Advanced Package Tool Version0.7.12
Debian ≫ Advanced Package Tool Version0.7.13
Debian ≫ Advanced Package Tool Version0.7.14
Debian ≫ Advanced Package Tool Version0.7.15
Debian ≫ Advanced Package Tool Version0.7.15 Updateexp1
Debian ≫ Advanced Package Tool Version0.7.15 Updateexp2
Debian ≫ Advanced Package Tool Version0.7.15 Updateexp3
Debian ≫ Advanced Package Tool Version0.7.16
Debian ≫ Advanced Package Tool Version0.7.17
Debian ≫ Advanced Package Tool Version0.7.17 Updateexp1
Debian ≫ Advanced Package Tool Version0.7.17 Updateexp2
Debian ≫ Advanced Package Tool Version0.7.17 Updateexp3
Debian ≫ Advanced Package Tool Version0.7.17 Updateexp4
Debian ≫ Advanced Package Tool Version0.7.18
Debian ≫ Advanced Package Tool Version0.7.19
Debian ≫ Advanced Package Tool Version0.7.20
Debian ≫ Advanced Package Tool Version0.7.20.1
Debian ≫ Advanced Package Tool Version0.7.20.2
Debian ≫ Advanced Package Tool Version0.7.21
Debian ≫ Advanced Package Tool Version0.7.22
Debian ≫ Advanced Package Tool Version0.7.22.1
Debian ≫ Advanced Package Tool Version0.7.22.2
Debian ≫ Advanced Package Tool Version0.7.23
Debian ≫ Advanced Package Tool Version0.7.23.1
Debian ≫ Advanced Package Tool Version0.7.24
Debian ≫ Advanced Package Tool Version0.8.0
Debian ≫ Advanced Package Tool Version0.8.0 Updatepre1
Debian ≫ Advanced Package Tool Version0.8.0 Updatepre2
Debian ≫ Advanced Package Tool Version0.8.1
Debian ≫ Advanced Package Tool Version0.8.10
Debian ≫ Advanced Package Tool Version0.8.10.1
Debian ≫ Advanced Package Tool Version0.8.10.2
Debian ≫ Advanced Package Tool Version0.8.10.3
Debian ≫ Advanced Package Tool Version0.8.11
Debian ≫ Advanced Package Tool Version0.8.11.1
Debian ≫ Advanced Package Tool Version0.8.11.2
Debian ≫ Advanced Package Tool Version0.8.11.3
Debian ≫ Advanced Package Tool Version0.8.11.4
Debian ≫ Advanced Package Tool Version0.8.11.5
Debian ≫ Advanced Package Tool Version0.8.12
Debian ≫ Advanced Package Tool Version0.8.13
Debian ≫ Advanced Package Tool Version0.8.13.1
Debian ≫ Advanced Package Tool Version0.8.13.2
Debian ≫ Advanced Package Tool Version0.8.14
Debian ≫ Advanced Package Tool Version0.8.14.1
Debian ≫ Advanced Package Tool Version0.8.15
Debian ≫ Advanced Package Tool Version0.8.15 Updateexp1
Debian ≫ Advanced Package Tool Version0.8.15 Updateexp2
Debian ≫ Advanced Package Tool Version0.8.15 Updateexp3
Debian ≫ Advanced Package Tool Version0.8.15.1
Debian ≫ Advanced Package Tool Version0.8.15.6
Debian ≫ Advanced Package Tool Version0.8.15.7
Debian ≫ Advanced Package Tool Version0.8.15.8
Debian ≫ Advanced Package Tool Version0.8.15.9
Debian ≫ Advanced Package Tool Version0.8.15.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.369 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 2.6 | 4.9 | 2.9 |
AV:N/AC:H/Au:N/C:N/I:P/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.