Vulnerability Description
Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170. This issue affects: python-apt 1.1.0~beta1 versions prior to 1.1.0~beta1ubuntu0.16.04.10; 1.6.5ubuntu0 versions prior to 1.6.5ubuntu0.4; 2.0.0ubuntu0 versions prior to 2.0.0ubuntu0.20.04.2; 2.1.3ubuntu1 versions prior to 2.1.3ubuntu1.1;
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | Advanced Package Tool | >= 1.1.0\~beta1, < 1.1.0\~beta1ubuntu0.16.04.10 |
| Canonical | Ubuntu Linux | 16.04 |
| Debian | Debian Linux | 10.0 |
Related Weaknesses (CWE)
References
- https://bugs.launchpad.net/bugs/1899193Broken Link
- https://usn.ubuntu.com/usn/usn-4668-1Vendor Advisory
- https://www.debian.org/security/2020/dsa-4809Vendor Advisory
- https://bugs.launchpad.net/bugs/1899193Broken Link
- https://usn.ubuntu.com/usn/usn-4668-1Vendor Advisory
- https://www.debian.org/security/2020/dsa-4809Vendor Advisory
FAQ
What is CVE-2020-27351?
CVE-2020-27351 is a vulnerability with a CVSS score of 2.0 (LOW). Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170. This issue affects: python-apt 1.1.0~beta1 versions prior...
How severe is CVE-2020-27351?
CVE-2020-27351 has been rated LOW with a CVSS base score of 2.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-27351?
Check the references section above for vendor advisories and patch information. Affected products include: Debian Advanced Package Tool, Canonical Ubuntu Linux, Debian Debian Linux.