CVE-2025-23222

An issue was discovered in Deepin dde-api-proxy through 1.0.19 in which unprivileged users can access D-Bus services as root. Specifically, dde-api-proxy runs as root and forwards messages from arbitrary local users to legacy D-Bus methods in the actual D-Bus services, and the actual D-Bus servic...

EUVD-2025-3151

Malicious code in bioql PyPI...

dde-api-proxy 安全漏洞

dde-api-proxy is a proxy program from Deepin open source. A security vulnerability exists in dde-api-proxy version 1.0.19, which stems from the fact that an unprivileged user can access the D-Bus service as root...

CVE-2025-23222

An issue was discovered in Deepin dde-api-proxy through 1.0.19 in which unprivileged users can access D-Bus services as root. Specifically, dde-api-proxy runs as root and forwards messages from arbitrary local users to legacy D-Bus methods in the actual D-Bus services, and the actual D-Bus servic...

CVE-2025-23222

Deepin dde-api-proxy (v1.0.19 and earlier) exposes a local privilege-escalation flaw: the daemon runs as root and forwards local user D-Bus requests to legacy D-Bus services, which do not detect the proxy context. This can allow unprivileged users to access D-Bus methods that should be restricted...

PT-2025-4860 · Deepin · Dde-Api-Proxy

Name of the Vulnerable Software and Affected Versions: Deepin dde-api-proxy versions 1.0.0 through 1.0.19 Description: The issue allows unprivileged users to access D-Bus services as root because dde-api-proxy runs as root and forwards messages from arbitrary local users to legacy D-Bus methods i...