rpm package
opensuse/apt-cacher-ng&distro=openSUSE Leap 15.1
pkg:rpm/opensuse/apt-cacher-ng&distro=openSUSE%20Leap%2015.1
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-18899 | — | < 3.1-lp151.3.3.1 | 3.1-lp151.3.3.1 | Jan 23, 2020 | The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1 | ||
| CVE-2020-5202 | — | < 3.1-lp151.3.3.1 | 3.1-lp151.3.3.1 | Jan 21, 2020 | apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/apt-cacher-n |
- CVE-2019-18899Jan 23, 2020affected < 3.1-lp151.3.3.1fixed 3.1-lp151.3.3.1
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1
- CVE-2020-5202Jan 21, 2020affected < 3.1-lp151.3.3.1fixed 3.1-lp151.3.3.1
apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/apt-cacher-n