CVE-2025-11147
- EPSS 0.04%
- Veröffentlicht 29.09.2025 10:15:37
- Zuletzt bearbeitet 16.10.2025 15:54:26
Reflected cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vulnerability allows malicious scripts (XSS) to be executed in “/html/<filename>.html”.
CVE-2025-11146
- EPSS 0.04%
- Veröffentlicht 29.09.2025 10:15:36
- Zuletzt bearbeitet 16.10.2025 15:54:35
Reflected Cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vulnerability allows an attacker to execute malicious scripts (XSS) in the web management application. The vulnerability is caused by improper handling of GET inputs included in the UR...
CVE-2019-18899
- EPSS 0.12%
- Veröffentlicht 23.01.2020 15:15:13
- Zuletzt bearbeitet 21.11.2024 04:33:48
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-c...
CVE-2020-5202
- EPSS 0.07%
- Veröffentlicht 21.01.2020 18:15:13
- Zuletzt bearbeitet 21.11.2024 05:33:40
apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit So...
CVE-2017-7443
- EPSS 0.24%
- Veröffentlicht 05.04.2017 20:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP response splitting via encoded newline characters, related to lack of blocking for the %0[ad] regular expression.