Medium severity5.9NVD Advisory· Published Aug 21, 2018· Updated Jun 17, 2026
CVE-2018-0501
CVE-2018-0501
Description
The mirror:// method implementation in Advanced Package Tool (APT) 1.6.x before 1.6.4 and 1.7.x before 1.7.0~alpha3 mishandles gpg signature verification for the InRelease file of a fallback mirror, aka mirrorfail.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
4- salsa.debian.org/apt-team/apt/commit/29658a3a74af49e2a24e17bdebb20e1612aac3ecnvdPatchThird Party Advisory
- salsa.debian.org/apt-team/apt/commit/aebd4278bacc728ab00ebe31556983e140f60e47nvdPatchThird Party Advisory
- mirror.failnvdThird Party AdvisoryURL Repurposed
- usn.ubuntu.com/3746-1/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.