2 matches found
CVE-2020-16121
CVE-2020-16121 affects PackageKit in multiple Linux distros. The flaw allows a local, unprivileged user to learn the MIME type and presence of files via DBus interfaces (InstallFiles, GetFilesLocal, GetDetailsLocal). Several advisories and Nessus/NVD references show this as an information-disclos...
CVE-2020-16122
CVE-2020-16122 concerns PackageKit’s apt backend, which incorrectly treated all local .deb packages as trusted. The vulnerability arises because the apt security model relies on repository trust rather than the contents of individual files, enabling a local attacker to potentially install malicio...