{"id":"USN-4668-1","summary":"python-apt vulnerability","details":"Kevin Backhouse discovered that python-apt incorrectly handled resources. A\nlocal attacker could possibly use this issue to cause python-apt to consume\nresources, leading to a denial of service.\n","modified":"2026-04-22T10:10:52.571622Z","published":"2020-12-09T16:36:45Z","related":["UBUNTU-CVE-2020-27351"],"upstream":["CVE-2020-27351","UBUNTU-CVE-2020-27351"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4668-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-27351"}],"affected":[{"package":{"name":"python-apt","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/python-apt@1.1.0~beta1ubuntu0.16.04.10?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.0~beta1ubuntu0.16.04.10"}]}],"versions":["1.0.1build1","1.0.1ubuntu2","1.1.0~beta1","1.1.0~beta1build1","1.1.0~beta1ubuntu0.16.04.1","1.1.0~beta1ubuntu0.16.04.2","1.1.0~beta1ubuntu0.16.04.4","1.1.0~beta1ubuntu0.16.04.5","1.1.0~beta1ubuntu0.16.04.7","1.1.0~beta1ubuntu0.16.04.8","1.1.0~beta1ubuntu0.16.04.9"],"ecosystem_specific":{"binaries":[{"binary_version":"1.1.0~beta1ubuntu0.16.04.10","binary_name":"python-apt"},{"binary_version":"1.1.0~beta1ubuntu0.16.04.10","binary_name":"python-apt-common"},{"binary_version":"1.1.0~beta1ubuntu0.16.04.10","binary_name":"python3-apt"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4668-1.json","cves_map":{"ecosystem":"Ubuntu:16.04:LTS","cves":[{"id":"CVE-2020-27351","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"python-apt","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/python-apt@1.6.5ubuntu0.4?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.5ubuntu0.4"}]}],"versions":["1.4.0~beta3build2","1.4.0~beta3ubuntu1","1.6.0~rc2ubuntu1","1.6.0~rc2ubuntu2","1.6.0","1.6.1","1.6.2","1.6.3","1.6.3ubuntu1","1.6.4","1.6.5ubuntu0.1","1.6.5ubuntu0.2","1.6.5ubuntu0.3"],"ecosystem_specific":{"binaries":[{"binary_version":"1.6.5ubuntu0.4","binary_name":"python-apt"},{"binary_version":"1.6.5ubuntu0.4","binary_name":"python-apt-common"},{"binary_version":"1.6.5ubuntu0.4","binary_name":"python3-apt"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4668-1.json","cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2020-27351","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"python-apt","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/python-apt@2.0.0ubuntu0.20.04.2?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.0ubuntu0.20.04.2"}]}],"versions":["1.9.0ubuntu1","1.9.0ubuntu3","1.9.0ubuntu5","1.9.3ubuntu2","1.9.5","1.9.5build1","1.9.7","1.9.8","1.9.10","2.0.0","2.0.0ubuntu0.20.04.1"],"ecosystem_specific":{"binaries":[{"binary_version":"2.0.0ubuntu0.20.04.2","binary_name":"python-apt"},{"binary_version":"2.0.0ubuntu0.20.04.2","binary_name":"python-apt-common"},{"binary_version":"2.0.0ubuntu0.20.04.2","binary_name":"python3-apt"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4668-1.json","cves_map":{"ecosystem":"Ubuntu:20.04:LTS","cves":[{"id":"CVE-2020-27351","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}}],"schema_version":"1.7.5"}