VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published May 15, 2020· Updated Sep 17, 2024

CVE-2020-3810

CVE-2020-3810

Description

Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files.

Affected products

1

Patches

1
fb6366c55faf

Release 2.1.2, take 2

https://github.com/Debian/aptJulian Andres KlodeMay 13, 2020via osv
commit
3 files changed · +3 3
  • debian/changelog+1 1 modified
    @@ -12,7 +12,7 @@ apt (2.1.2) unstable; urgency=critical
   [ Frans Spiesschaert ]
   * Dutch program translation update (Closes: #960186)
 
- -- Julian Andres Klode <jak@debian.org>  Tue, 12 May 2020 22:50:19 +0200
+ -- Julian Andres Klode <jak@debian.org>  Wed, 13 May 2020 22:04:47 +0200
 
 apt (2.1.1) unstable; urgency=medium
  • doc/po/apt-doc.pot+1 1 modified
    @@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: apt-doc 2.1.2\n"
 "Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
-"POT-Creation-Date: 2020-05-12 22:50+0200\n"
+"POT-Creation-Date: 2020-05-13 22:04+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
  • po/apt-all.pot+1 1 modified
    @@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: apt 2.1.2\n"
 "Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n"
-"POT-Creation-Date: 2020-05-12 22:50+0200\n"
+"POT-Creation-Date: 2020-05-13 22:04+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

8

News mentions

0

No linked articles in our index yet.