CVE-2019-3462 vulnerability in Debian and Other Products
Published on January 28, 2019

Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.

Github Repository Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2019-3462

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-3462 are published in these products:

Debian Advanced Package Tool

NetApp Active Iq

NetApp Element Software

Canonical Ubuntu Linux

Debian Linux

Affected Versions

Debian GNU/Linux apt as used in Debian Stretch and Ubuntu Version 1.4.8 and earlier is affected by CVE-2019-3462

Exploit Probability

EPSS

6.99%

Percentile

91.29%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-3462 vulnerability in Debian and Other ProductsPublished on January 28, 2019

Products Associated with CVE-2019-3462

Affected Versions

Exploit Probability

CVE-2019-3462 vulnerability in Debian and Other Products
Published on January 28, 2019