PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
bugs.launchpad.net/ubuntu/%2Bsource/packagekit/%2Bbug/1888887
bugzilla.redhat.com/show_bug.cgi?id=1884560
nvd.nist.gov/vuln/detail/CVE-2020-16121
people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-16121.html?_ga=2.191526435.887932068.1602011173-1206535791.1586737989
www.cve.org/CVERecord?id=CVE-2020-16121