CVE-2019-3462

Name of the Vulnerable Software and Affected Versions apt versions 1.4.8 and earlier

Description The issue is related to incorrect sanitation of the 302 redirect field in the HTTP transport method, which can lead to content injection by a Man-In-The-Middle (MITM) attacker. This potentially allows for remote code execution on the target machine.

Recommendations For apt versions 1.4.8 and earlier, update to a version later than 1.4.8 to resolve the issue. As a temporary workaround, consider restricting the use of the HTTP transport method until a patch is available. Avoid using the HTTP protocol in apt configurations to minimize the risk of exploitation.