11 matches found
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : PackageKit vulnerabilities (USN-4538-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4538-1 advisory. Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the...
SUSE CVE-2021-32556
It was discovered that the getmodifiedconffiles function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg1 call...
CVE-2020-16122
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages...
CVE-2020-16122
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages...
Design/Logic Flaw
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages...
CVE-2020-16122
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages...
CVE-2020-16122 Packagekit's apt backend lets user install untrusted local packages
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages...
CVE-2020-16122
CVE-2020-16122 concerns PackageKit’s apt backend, which incorrectly treated all local .deb packages as trusted. The vulnerability arises because the apt security model relies on repository trust rather than the contents of individual files, enabling a local attacker to potentially install malicio...
CVE-2020-16122
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages...
CVE-2020-16122
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages...
UBUNTU-CVE-2020-16122
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages...