CVE-2011-0402 [Medium] | Security Vulnerability in Dpkg

CVE-2011-0402 is rated Moderate Risk (53.3/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 1.29%). Review affected assets and schedule remediation.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2025-03-30	2.41%	1.29%	-1.11%
2	2025-03-29	1.29%	2.41%	+1.11%
3	2025-03-17	—	1.29%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2025-03-30

2.41%

1.29%

-1.11%

2025-03-29

1.29%

2.41%

+1.11%

2025-03-17

—

1.29%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
6.8	2.0	MEDIUM	`AV:N/AC:M/Au:N/C:P/I:P/A:P` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:M) Exploitation needs some favorable conditions, but not exceptional ones. Authentication (AU:N) No authentication is required. Confidentiality impact (C:P) Partial confidentiality impact. Integrity impact (I:P) Partial integrity impact. Availability impact (A:P) Partial availability impact.	8.6	6.4	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

6.8

2.0

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P Click to expand

Access vector (AV:N): Can be exploited remotely over network reachability.
Access complexity (AC:M): Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:P): Partial confidentiality impact.
Integrity impact (I:P): Partial integrity impact.
Availability impact (A:P): Partial availability impact.

8.6

6.4

[email protected]

OS Trackers for CVE-2011-0402

vendor	priority	summary	link
`debian`	not yet assigned	CVE-2011-0402 not yet assigned priority: Debian including 1 source packages (dpkg), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.	https://security-tracker.debian.org/tracker/CVE-2011-0402
`ubuntu`	medium	CVE-2011-0402 medium priority: Ubuntu including 1 source packages (dpkg), 6 status rows across 6 suites (dapper, hardy, karmic, lucid, maverick, upstream): released 4, not-affected 2.	https://ubuntu.com/security/CVE-2011-0402

Affected software / configurations for CVE-2011-0402

Vendor	Product	Version	Raw CPE
debian	dpkg	<= 1.14.30	cpe:2.3:a:debian:dpkg::::::::
debian	dpkg	1.9.19	cpe:2.3:a:debian:dpkg:1.9.19:::::::*
debian	dpkg	1.9.20	cpe:2.3:a:debian:dpkg:1.9.20:::::::*
debian	dpkg	1.9.21	cpe:2.3:a:debian:dpkg:1.9.21:::::::*
debian	dpkg	1.10	cpe:2.3:a:debian:dpkg:1.10:::::::*
debian	dpkg	1.10.1	cpe:2.3:a:debian:dpkg:1.10.1:::::::*
debian	dpkg	1.10.2	cpe:2.3:a:debian:dpkg:1.10.2:::::::*
debian	dpkg	1.10.3	cpe:2.3:a:debian:dpkg:1.10.3:::::::*
debian	dpkg	1.10.4	cpe:2.3:a:debian:dpkg:1.10.4:::::::*
debian	dpkg	1.10.5	cpe:2.3:a:debian:dpkg:1.10.5:::::::*
debian	dpkg	1.10.6	cpe:2.3:a:debian:dpkg:1.10.6:::::::*
debian	dpkg	1.10.7	cpe:2.3:a:debian:dpkg:1.10.7:::::::*
debian	dpkg	1.10.8	cpe:2.3:a:debian:dpkg:1.10.8:::::::*
debian	dpkg	1.10.9	cpe:2.3:a:debian:dpkg:1.10.9:::::::*
debian	dpkg	1.10.10	cpe:2.3:a:debian:dpkg:1.10.10:::::::*
debian	dpkg	1.10.11	cpe:2.3:a:debian:dpkg:1.10.11:::::::*
debian	dpkg	1.10.12	cpe:2.3:a:debian:dpkg:1.10.12:::::::*
debian	dpkg	1.10.13	cpe:2.3:a:debian:dpkg:1.10.13:::::::*
debian	dpkg	1.10.14	cpe:2.3:a:debian:dpkg:1.10.14:::::::*
debian	dpkg	1.10.15	cpe:2.3:a:debian:dpkg:1.10.15:::::::*
debian	dpkg	1.10.16	cpe:2.3:a:debian:dpkg:1.10.16:::::::*
debian	dpkg	1.10.17	cpe:2.3:a:debian:dpkg:1.10.17:::::::*
debian	dpkg	1.10.18	cpe:2.3:a:debian:dpkg:1.10.18:::::::*
debian	dpkg	1.10.18.1	cpe:2.3:a:debian:dpkg:1.10.18.1:::::::*
debian	dpkg	1.10.19	cpe:2.3:a:debian:dpkg:1.10.19:::::::*
debian	dpkg	1.10.20	cpe:2.3:a:debian:dpkg:1.10.20:::::::*
debian	dpkg	1.10.21	cpe:2.3:a:debian:dpkg:1.10.21:::::::*
debian	dpkg	1.10.22	cpe:2.3:a:debian:dpkg:1.10.22:::::::*
debian	dpkg	1.10.23	cpe:2.3:a:debian:dpkg:1.10.23:::::::*
debian	dpkg	1.10.24	cpe:2.3:a:debian:dpkg:1.10.24:::::::*
debian	dpkg	1.10.25	cpe:2.3:a:debian:dpkg:1.10.25:::::::*
debian	dpkg	1.10.26	cpe:2.3:a:debian:dpkg:1.10.26:::::::*
debian	dpkg	1.10.27	cpe:2.3:a:debian:dpkg:1.10.27:::::::*
debian	dpkg	1.10.28	cpe:2.3:a:debian:dpkg:1.10.28:::::::*
debian	dpkg	1.13.0	cpe:2.3:a:debian:dpkg:1.13.0:::::::*
debian	dpkg	1.13.1	cpe:2.3:a:debian:dpkg:1.13.1:::::::*
debian	dpkg	1.13.2	cpe:2.3:a:debian:dpkg:1.13.2:::::::*
debian	dpkg	1.13.3	cpe:2.3:a:debian:dpkg:1.13.3:::::::*
debian	dpkg	1.13.4	cpe:2.3:a:debian:dpkg:1.13.4:::::::*
debian	dpkg	1.13.5	cpe:2.3:a:debian:dpkg:1.13.5:::::::*
debian	dpkg	1.13.6	cpe:2.3:a:debian:dpkg:1.13.6:::::::*
debian	dpkg	1.13.7	cpe:2.3:a:debian:dpkg:1.13.7:::::::*
debian	dpkg	1.13.8	cpe:2.3:a:debian:dpkg:1.13.8:::::::*
debian	dpkg	1.13.9	cpe:2.3:a:debian:dpkg:1.13.9:::::::*
debian	dpkg	1.13.10	cpe:2.3:a:debian:dpkg:1.13.10:::::::*
debian	dpkg	1.13.11	cpe:2.3:a:debian:dpkg:1.13.11:::::::*
debian	dpkg	1.13.11.1	cpe:2.3:a:debian:dpkg:1.13.11.1:::::::*
debian	dpkg	1.13.12	cpe:2.3:a:debian:dpkg:1.13.12:::::::*
debian	dpkg	1.13.13	cpe:2.3:a:debian:dpkg:1.13.13:::::::*
debian	dpkg	1.13.14	cpe:2.3:a:debian:dpkg:1.13.14:::::::*
debian	dpkg	1.13.15	cpe:2.3:a:debian:dpkg:1.13.15:::::::*
debian	dpkg	1.13.16	cpe:2.3:a:debian:dpkg:1.13.16:::::::*
debian	dpkg	1.13.17	cpe:2.3:a:debian:dpkg:1.13.17:::::::*
debian	dpkg	1.13.18	cpe:2.3:a:debian:dpkg:1.13.18:::::::*
debian	dpkg	1.13.19	cpe:2.3:a:debian:dpkg:1.13.19:::::::*
debian	dpkg	1.13.20	cpe:2.3:a:debian:dpkg:1.13.20:::::::*
debian	dpkg	1.13.21	cpe:2.3:a:debian:dpkg:1.13.21:::::::*
debian	dpkg	1.13.22	cpe:2.3:a:debian:dpkg:1.13.22:::::::*
debian	dpkg	1.13.23	cpe:2.3:a:debian:dpkg:1.13.23:::::::*
debian	dpkg	1.13.24	cpe:2.3:a:debian:dpkg:1.13.24:::::::*
debian	dpkg	1.13.25	cpe:2.3:a:debian:dpkg:1.13.25:::::::*
debian	dpkg	1.14.0	cpe:2.3:a:debian:dpkg:1.14.0:::::::*
debian	dpkg	1.14.1	cpe:2.3:a:debian:dpkg:1.14.1:::::::*
debian	dpkg	1.14.2	cpe:2.3:a:debian:dpkg:1.14.2:::::::*
debian	dpkg	1.14.3	cpe:2.3:a:debian:dpkg:1.14.3:::::::*
debian	dpkg	1.14.4	cpe:2.3:a:debian:dpkg:1.14.4:::::::*
debian	dpkg	1.14.5	cpe:2.3:a:debian:dpkg:1.14.5:::::::*
debian	dpkg	1.14.6	cpe:2.3:a:debian:dpkg:1.14.6:::::::*
debian	dpkg	1.14.7	cpe:2.3:a:debian:dpkg:1.14.7:::::::*
debian	dpkg	1.14.8	cpe:2.3:a:debian:dpkg:1.14.8:::::::*
debian	dpkg	1.14.9	cpe:2.3:a:debian:dpkg:1.14.9:::::::*
debian	dpkg	1.14.10	cpe:2.3:a:debian:dpkg:1.14.10:::::::*
debian	dpkg	1.14.11	cpe:2.3:a:debian:dpkg:1.14.11:::::::*
debian	dpkg	1.14.12	cpe:2.3:a:debian:dpkg:1.14.12:::::::*
debian	dpkg	1.14.13	cpe:2.3:a:debian:dpkg:1.14.13:::::::*
debian	dpkg	1.14.14	cpe:2.3:a:debian:dpkg:1.14.14:::::::*
debian	dpkg	1.14.15	cpe:2.3:a:debian:dpkg:1.14.15:::::::*
debian	dpkg	1.14.16	cpe:2.3:a:debian:dpkg:1.14.16:::::::*
debian	dpkg	1.14.16.1	cpe:2.3:a:debian:dpkg:1.14.16.1:::::::*
debian	dpkg	1.14.16.2	cpe:2.3:a:debian:dpkg:1.14.16.2:::::::*

References for CVE-2011-0402

URL	Tags
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053306.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053311.html
http://osvdb.org/70367
http://secunia.com/advisories/42826	Vendor Advisory
http://secunia.com/advisories/42831	Vendor Advisory
http://secunia.com/advisories/43054
http://www.debian.org/security/2011/dsa-2142
http://www.securityfocus.com/bid/45703
http://www.ubuntu.com/usn/USN-1038-1
http://www.vupen.com/english/advisories/2011/0040	Vendor Advisory
http://www.vupen.com/english/advisories/2011/0044	Vendor Advisory
http://www.vupen.com/english/advisories/2011/0196
https://exchange.xforce.ibmcloud.com/vulnerabilities/64614

URL

CVE-2011-0402

Exploit prediction scoring system (EPSS) score for CVE-2011-0402

Common vulnerability scoring system (CVSS) metrics for CVE-2011-0402

Weakness enumeration for CVE-2011-0402

OS Trackers for CVE-2011-0402

Affected software / configurations for CVE-2011-0402

References for CVE-2011-0402