people.canonical.com Open in urlscan Pro
91.189.89.62 Public Scan

Back to summary

URL:
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-3462
Submission: On March 17 via api (March 17th 2022, 11:41:52 am UTC) from IL — Scanned from GB

Form analysis
0 forms found in the DOM

Text Content

Ubuntu CVE Tracker
 * Home
 * Main
 * Universe
 * Partner


CVE-2019-3462

Priority
High

Description
Incorrect sanitation of the 302 redirect field in HTTP transport method of
apt versions 1.4.8 and earlier can lead to content injection by a MITM
attacker, potentially leading to remote code execution on the target
machine.

References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3462
https://ubuntu.com/security/notices/USN-3863-1
https://ubuntu.com/security/notices/USN-3863-2

Bugs
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1812353

Assigned-to
mdeslaur

Notes



Package
Source: apt (LP Ubuntu Debian)

Upstream:needs-triage Ubuntu 18.04 LTS (Bionic Beaver):released (1.6.6ubuntu0.1)
Ubuntu 16.04 ESM (Xenial Xerus):released (1.2.29ubuntu0.1) Ubuntu 14.04 ESM
(Trusty Tahr):released (1.0.1ubuntu2.19)

Patches:



More Information
 * Mitre
 * NVD
 * Launchpad
 * Debian

Updated: 2022-02-11 02:01:34 UTC (commit
acb3d89ab51f1d5e5543fa993969c0eb13c71f04)

© Canonical Ltd. 2007-2022

people.canonical.com Open in urlscan Pro 91.189.89.62 Public Scan

Form analysis 0 forms found in the DOM

Text Content

people.canonical.com Open in urlscan Pro
91.189.89.62 Public Scan

Form analysis
0 forms found in the DOM