| Bug | Description |
|---|
| CVE-2020-27350 | APT had several integer overflows and underflows while parsing .deb pa ... |
| CVE-2020-3810 | Missing input validation in the ar/tar implementations of APT before v ... |
| CVE-2019-3462 | Incorrect sanitation of the 302 redirect field in HTTP transport metho ... |
| CVE-2018-0501 | The mirror:// method implementation in Advanced Package Tool (APT) 1.6 ... |
| CVE-2016-1252 | The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable ... |
| CVE-2014-7206 | The changelog command in Apt before 1.0.9.2 allows local users to writ ... |
| CVE-2014-6273 | Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and ... |
| CVE-2014-0490 | The apt-get download command in APT before 1.0.9 does not properly val ... |
| CVE-2014-0489 | APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, doe ... |
| CVE-2014-0488 | APT before 1.0.9 does not "invalidate repository data" when moving fro ... |
| CVE-2014-0487 | APT before 1.0.9 does not verify downloaded files if they have been mo ... |
| CVE-2014-0478 | APT before 1.0.4 does not properly validate source packages, which all ... |
| CVE-2013-1051 | apt 0.8.16, 0.9.7, and possibly other versions does not properly handl ... |
| CVE-2012-3587 | APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-ke ... |
| CVE-2012-0961 | Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ub ... |
| CVE-2012-0954 | APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-ke ... |
| CVE-2012-0214 | The pkgAcqMetaClearSig::Failed method in apt-pkg/acquire-item.cc in Ad ... |
| CVE-2011-3634 | methods/https.cc in apt before 0.8.11 accepts connections when the cer ... |
| CVE-2011-1829 | APT before 0.8.15.2 does not properly validate inline GPG signatures, ... |
| CVE-2009-1358 | apt-get in apt before 0.7.21 does not check for the correct error code ... |
| CVE-2009-1300 | apt 0.7.20 does not check when the date command returns an "invalid da ... |