High severity8.1NVD Advisory· Published Jan 28, 2019· Updated Jun 17, 2026
CVE-2019-3462
CVE-2019-3462
Description
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Debian GNU/Linux/apt as used in Debian Stretch and Ubuntuv5Range: 1.4.8 and earlier
Patches
Vulnerability mechanics
References
8- www.debian.org/security/2019/dsa-4371nvdPatchVendor Advisory
- www.securityfocus.com/bid/106690nvdThird Party AdvisoryVDB Entry
- lists.debian.org/debian-lts-announce/2019/01/msg00013.htmlnvdMailing ListVendor Advisory
- lists.debian.org/debian-lts-announce/2019/01/msg00014.htmlnvdMailing ListVendor Advisory
- security.netapp.com/advisory/ntap-20190125-0002/nvdThird Party Advisory
- usn.ubuntu.com/3863-1/nvdThird Party Advisory
- usn.ubuntu.com/3863-2/nvdThird Party Advisory
- lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3Envd
News mentions
0No linked articles in our index yet.