CVE-2011-4407
EPSS 0.13%發布日:2014/5/14修改日:2026/4/28
也稱為:DEBIAN-CVE-2011-4407
描述
ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle (MITM) attackers to spoof GPG keys for a package repository.
受影響套件(1)
- Debian/software-propertiesfrom 0, < 0.76.7debian2+nmu2