CVE-2011-3374

ADVISORY - nist

Summary

It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.

EPSS Score⁠: 0.00164 (0.538)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-347⁠

Improper Verification of Cryptographic Signature

Impacted images

Advisories

NIST

CREATED

5 years ago

UPDATED

4 years ago

ADVISORY IDCVE-2011-3374⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-347⁠

CVSS SCORE

3.7low

Debian

CREATED

5 years ago

UPDATED

5 days ago

ADVISORY IDCVE-2011-3374⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

5 years ago

UPDATED

7 months ago

ADVISORY IDCVE-2011-3374⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

3.7critical

intheWild

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDCVE-2011-3374⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY