Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical software-properties vulnerabilities and exploits
(subscribe to this query)
7.4
CVSSv3
CVE-2012-0955
software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bu...
Canonical Software-properties
5.5
CVSSv3
CVE-2020-15709
Versions of add-apt-repository prior to 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1~esm1, printed a PPA (personal package archive) description to the terminal as-is, which allowed PPA owners to provide ANSI terminal escapes to modify terminal contents in unexpecte...
Canonical Add-apt-repository
NA
CVE-2011-4407
ppa.py in Software Properties prior to 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle (MITM) malicious users to spoof GPG keys for a package repository.
Canonical Ubuntu Linux 11.04
Canonical Software-properties
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.10
NA
CVE-2013-1061
dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 prior to 0.92.17.3, 0.92.9 prior to 0.92.9.3, and 0.82.7 prior to 0.82.7.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by lever...
Marc Deslauriers Software-properties 0.92.9
Marc Deslauriers Software-properties 0.82.7.4
Marc Deslauriers Software-properties 0.92.17.2
Marc Deslauriers Software-properties 0.82.7.3
Marc Deslauriers Software-properties 0.82.7.2
Marc Deslauriers Software-properties 0.92.17.1
Marc Deslauriers Software-properties 0.92.17
Marc Deslauriers Software-properties 0.82.7.1
Marc Deslauriers Software-properties 0.82.7
Marc Deslauriers Software-properties 0.92.9.2
Marc Deslauriers Software-properties 0.92.9.1
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.04
NA
CVE-2012-5356
The apt-add-repository tool in Ubuntu Software Properties 0.75.x prior to 0.75.10.3, 0.80.x prior to 0.80.9.2, 0.81.x prior to 0.81.13.5, 0.82.x prior to 0.82.7.3, and 0.92.x prior to 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote malic...
Canonical Ubuntu Software Properties 0.75.10.1
Canonical Ubuntu Software Properties 0.75.6
Canonical Ubuntu Software Properties 0.75.5
Canonical Ubuntu Software Properties 0.75.10
Canonical Ubuntu Software Properties 0.75.9
Canonical Ubuntu Software Properties 0.75.8
Canonical Ubuntu Software Properties 0.75.7
Canonical Ubuntu Software Properties 0.75.10.2
Canonical Ubuntu Software Properties 0.75.4
Canonical Ubuntu Software Properties 0.80.6
Canonical Ubuntu Software Properties 0.80.5
Canonical Ubuntu Software Properties 0.80.9.1
Canonical Ubuntu Software Properties 0.80.9
Canonical Ubuntu Software Properties 0.80.2
Canonical Ubuntu Software Properties 0.80
Canonical Ubuntu Software Properties 0.80.8
Canonical Ubuntu Software Properties 0.80.7
Canonical Ubuntu Software Properties 0.80.4
Canonical Ubuntu Software Properties 0.80.3
Canonical Ubuntu Software Properties 0.81.13.3
Canonical Ubuntu Software Properties 0.81.13.2
Canonical Ubuntu Software Properties 0.81.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started