CVE-2015-0840
13.04.2015, 14:59
The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file (.dsc).Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| debian | dpkg | 𝑥 ≤ 1.16.15 |
| debian | dpkg | 1.17.0 |
| debian | dpkg | 1.17.1 |
| debian | dpkg | 1.17.2 |
| debian | dpkg | 1.17.3 |
| debian | dpkg | 1.17.4 |
| debian | dpkg | 1.17.5 |
| debian | dpkg | 1.17.6 |
| debian | dpkg | 1.17.7 |
| debian | dpkg | 1.17.8 |
| debian | dpkg | 1.17.9 |
| debian | dpkg | 1.17.10 |
| debian | dpkg | 1.17.11 |
| debian | dpkg | 1.17.12 |
| debian | dpkg | 1.17.13 |
| debian | dpkg | 1.17.14 |
| debian | dpkg | 1.17.15 |
| debian | dpkg | 1.17.16 |
| debian | dpkg | 1.17.17 |
| debian | dpkg | 1.17.18 |
| debian | dpkg | 1.17.19 |
| debian | dpkg | 1.17.20 |
| debian | dpkg | 1.17.21 |
| debian | dpkg | 1.17.22 |
| debian | dpkg | 1.17.23 |
| debian | dpkg | 1.17.24 |
| canonical | ubuntu_linux | 10.04 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 14.10 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| dpkg |
| ||||||||||||||||||||||||||||||||||||||||||||||||
| dpkg-devel |
|
Common Weakness Enumeration
References