Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Packagekit
(Packagekit_project)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 7 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-11-07 | CVE-2020-16121 | PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own. | Ubuntu_linux, Packagekit | 3.3 | ||
2019-11-27 | CVE-2011-2515 | PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code. | Debian_linux, Packagekit, Enterprise_linux_server | N/A | ||
2018-04-23 | CVE-2018-1106 | An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system. | Ubuntu_linux, Debian_linux, Packagekit, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 5.5 | ||
2014-04-16 | CVE-2013-1764 | The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method. | Packagekit | N/A |