Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle (MITM) attackers to spoof GPG keys for a package repository.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ubuntu Software Properties安全绕过漏洞
Vulnerability Description
Ubuntu是英国科能(Canonical)公司和Ubuntu基金会共同开发的一套以桌面应用为主的GNU/Linux操作系统。Software Properties是其中的一个软件源在线更新包。 Software Properties 0.81.13.1及之前版本的ppa.py文件存在安全漏洞,该漏洞源于当下载密钥指纹程序没有正确验证服务器证书。攻击者可利用该漏洞实施中间人攻击,安装修改的程序包库的GPG密钥。
CVSS Information
N/A
Vulnerability Type
N/A