CVE-2022-4964

Опубликовано: 24 янв. 2024

Источник: debian

EPSS Низкий

Описание

Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.

Пакет	Статус	Версия исправления	Релиз	Тип
pipewire	fixed	1.0.2-1		package

https://bugs.launchpad.net/ubuntu/+source/pipewire/+bug/1995707/
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/d568dcd64f64454289e1f35ed07a11749f95b04e
In Debian pipewire is not built with snap support until 1.0.2-1 (including at same time the fix
for CVE-2022-4964; earlier versions did not include snap feature support)

EPSS

Процентиль: 17%

0.00055

Низкий

CVE-2022-4964

CVSS3: 5.5

ubuntu

около 2 лет назад

Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.

CVE-2022-4964

CVSS3: 5.5

redhat

около 2 лет назад

Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.

CVE-2022-4964

CVSS3: 5.5

nvd

около 2 лет назад

Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.

GHSA-p626-3xpc-x4f6

CVSS3: 5.5

github

около 2 лет назад

Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.

EPSS

Процентиль: 17%

0.00055

Низкий