CVE-2018-0501 in Debian and Canonical Products
Published on August 21, 2018
The mirror:// method implementation in Advanced Package Tool (APT) 1.6.x before 1.6.4 and 1.7.x before 1.7.0~alpha3 mishandles gpg signature verification for the InRelease file of a fallback mirror, aka mirrorfail.
Products Associated with CVE-2018-0501
stack.watch emails you whenever new vulnerabilities are published in Debian Advanced Package Tool or Canonical Ubuntu Linux. Just hit a watch button to start following.
Exploit Probability
EPSS
0.13%
Percentile
32.92%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.