Vulnerabilities > Debian > Python APT

DATE CVE VULNERABILITY TITLE RISK
2020-03-26 CVE-2019-15796 Improper Verification of Cryptographic Signature vulnerability in multiple products
Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or in `_fetch_archives()` of apt/cache.py in version 1.9.3ubuntu2 and earlier.
network
high complexity
ubuntu debian CWE-347
4.7
2020-03-26 CVE-2019-15795 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py in version 1.9.0ubuntu1 and earlier.
network
high complexity
ubuntu debian CWE-327
4.7