CVE-2014-0478
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2014-0478
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2014-0478.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2014-0478
- Downstream
- Published
- 2014-06-17T14:55:06Z
- Modified
- 2025-08-09T19:01:28Z
- Summary
- [none]
- Details
-
APT before 1.0.4 does not properly validate source packages, which allows man-in-the-middle attackers to download and install Trojan horse packages by removing the Release signature.
- References