Apt-cacher-ng Project Apt-cacher-ng — known CVE vulnerabilities
Every CVE whose affected-product data names Apt-cacher-ng Project Apt-cacher-ng, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2019-18899 — CVSS 6.2 (medium): The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can…
CVE-2017-7443 — CVSS 6.1 (medium): apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP response splitting via encoded newline characters, related to lack of…
CVE-2020-5202 — CVSS 5.5 (medium): apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The…
CVE-2025-11146 — CVSS 5.4 (medium): Reflected Cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vulnerability allows an attacker to execute malicious scripts (XSS) in…
CVE-2025-11147 — CVSS 5.4 (medium): Reflected cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vulnerability allows malicious scripts (XSS) to be executed in…