Vulnerability: Insecure Validation of GPG Keys in apt-key Allows Man-in-the-Middle Attacks

Vulnerability: Insecure Validation of GPG Keys in apt-key Allows Man-in-the-Middle Attacks

CVE-2011-3374 · LOW Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.

Learn more about our Web Application Penetration Testing UK.