{"id":"DEBIAN-CVE-2011-3374","details":"It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.","modified":"2026-04-28T20:07:05.372730Z","published":"2019-11-26T00:15:11.030Z","upstream":["CVE-2011-3374"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2011-3374"}],"affected":[{"package":{"name":"apt","ecosystem":"Debian:11","purl":"pkg:deb/debian/apt?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.2.4","2.3.0","2.3.1","2.3.10","2.3.11","2.3.12","2.3.13","2.3.14","2.3.15","2.3.2","2.3.3","2.3.4","2.3.5","2.3.6","2.3.7","2.3.8","2.3.9","2.4.0","2.4.1","2.4.2","2.4.3","2.4.4","2.4.5","2.5.0","2.5.1","2.5.2","2.5.3","2.5.4","2.5.5","2.5.6","2.6.0","2.6.1","2.7.0","2.7.1","2.7.10","2.7.10+nmu1~exp1","2.7.10+nmu1~exp2","2.7.11","2.7.12","2.7.12+nmu1","2.7.12+nmu1~exp1","2.7.13","2.7.14","2.7.2","2.7.3","2.7.4","2.7.5","2.7.6","2.7.7","2.7.8","2.7.9","2.9.0","2.9.1","2.9.10","2.9.11","2.9.12","2.9.13","2.9.14","2.9.14+noAptKey1","2.9.15","2.9.16","2.9.17","2.9.17+exp1","2.9.18","2.9.18+exp1","2.9.18+exp2","2.9.18+exp3","2.9.19","2.9.2","2.9.20","2.9.21","2.9.22","2.9.23","2.9.24","2.9.25","2.9.25+exp1","2.9.26","2.9.26+exp1","2.9.27","2.9.27+exp1","2.9.28","2.9.28+exp1","2.9.29","2.9.29+exp1","2.9.29+exp2","2.9.3","2.9.30","2.9.31","2.9.32","2.9.33","2.9.34","2.9.35","2.9.4","2.9.5","2.9.6","2.9.7","2.9.8","2.9.9","3.0.0","3.0.1","3.0.2","3.0.3","3.1.0","3.1.1","3.1.10","3.1.11","3.1.12","3.1.13","3.1.14","3.1.15","3.1.16","3.1.2","3.1.3","3.1.4","3.1.5","3.1.6","3.1.7","3.1.8","3.1.9","3.2.0"],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2011-3374.json"}},{"package":{"name":"apt","ecosystem":"Debian:12","purl":"pkg:deb/debian/apt?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.6.1","2.7.0","2.7.1","2.7.10","2.7.10+nmu1~exp1","2.7.10+nmu1~exp2","2.7.11","2.7.12","2.7.12+nmu1","2.7.12+nmu1~exp1","2.7.13","2.7.14","2.7.2","2.7.3","2.7.4","2.7.5","2.7.6","2.7.7","2.7.8","2.7.9","2.9.0","2.9.1","2.9.10","2.9.11","2.9.12","2.9.13","2.9.14","2.9.14+noAptKey1","2.9.15","2.9.16","2.9.17","2.9.17+exp1","2.9.18","2.9.18+exp1","2.9.18+exp2","2.9.18+exp3","2.9.19","2.9.2","2.9.20","2.9.21","2.9.22","2.9.23","2.9.24","2.9.25","2.9.25+exp1","2.9.26","2.9.26+exp1","2.9.27","2.9.27+exp1","2.9.28","2.9.28+exp1","2.9.29","2.9.29+exp1","2.9.29+exp2","2.9.3","2.9.30","2.9.31","2.9.32","2.9.33","2.9.34","2.9.35","2.9.4","2.9.5","2.9.6","2.9.7","2.9.8","2.9.9","3.0.0","3.0.1","3.0.2","3.0.3","3.1.0","3.1.1","3.1.10","3.1.11","3.1.12","3.1.13","3.1.14","3.1.15","3.1.16","3.1.2","3.1.3","3.1.4","3.1.5","3.1.6","3.1.7","3.1.8","3.1.9","3.2.0"],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2011-3374.json"}},{"package":{"name":"apt","ecosystem":"Debian:13","purl":"pkg:deb/debian/apt?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.0.3","3.1.0","3.1.1","3.1.10","3.1.11","3.1.12","3.1.13","3.1.14","3.1.15","3.1.16","3.1.2","3.1.3","3.1.4","3.1.5","3.1.6","3.1.7","3.1.8","3.1.9","3.2.0"],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2011-3374.json"}},{"package":{"name":"apt","ecosystem":"Debian:14","purl":"pkg:deb/debian/apt?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.0.3","3.1.0","3.1.1","3.1.10","3.1.11","3.1.12","3.1.13","3.1.14","3.1.15","3.1.16","3.1.2","3.1.3","3.1.4","3.1.5","3.1.6","3.1.7","3.1.8","3.1.9","3.2.0"],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2011-3374.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}]}