← volver
CVE-2020-16121

PackageKit error messages leak presence and mimetype of files to unprivileged users

CVSS 3.3 LOWEPSS 0.5%CWE-209
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Productos afectados
PackageKit · PackageKit

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1888887https://www.eyecontrol.nl/blog/the-story-of-3-cves-in-ubuntu-desktop.html