CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
15.5%
Ubuntu’s pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | pipewire | <= 0.3.65-3+deb12u1 | pipewire_0.3.65-3+deb12u1_all.deb |
Debian | 11 | all | pipewire | <= 0.3.19-4 | pipewire_0.3.19-4_all.deb |
Debian | 999 | all | pipewire | < 1.0.2-1 | pipewire_1.0.2-1_all.deb |
Debian | 13 | all | pipewire | < 1.0.2-1 | pipewire_1.0.2-1_all.deb |