CVE-2020-27351

LOW

python-apt <1.1.0~beta1ubuntu0.16.04.10, <1.6.5ubuntu0.4, <2.0.0ubu...

Title source: llm

Description

Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170. This issue affects: python-apt 1.1.0~beta1 versions prior to 1.1.0~beta1ubuntu0.16.04.10; 1.6.5ubuntu0 versions prior to 1.6.5ubuntu0.4; 2.0.0ubuntu0 versions prior to 2.0.0ubuntu0.20.04.2; 2.1.3ubuntu1 versions prior to 2.1.3ubuntu1.1;

References (3)

Scores

CVSS v3 2.0
EPSS 0.0006
EPSS Percentile 19.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L

Classification

CWE
CWE-772
Status published

Affected Products (1)

debian/advanced_package_tool < 1.1.0\~beta1ubuntu0.16.04.10

Timeline

Published Dec 10, 2020
Tracked Since Feb 18, 2026