CVE-2019-7306

Опубликовано: 17 апр. 2020

Источник: nvd

CVSS3: 4.3

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu

Ссылки

https://bugs.launchpad.net/ubuntu/+source/byobu/+bug/1827202
Exploit
Third Party Advisory
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7306
Third Party Advisory
https://bugs.launchpad.net/ubuntu/+source/byobu/+bug/1827202
Exploit
Third Party Advisory
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7306
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:byobu:byobu:-:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00524

Низкий

4.3 Medium

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-552

Связанные уязвимости

CVE-2019-7306

CVSS3: 4.3

ubuntu

почти 6 лет назад

Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu

CVE-2019-7306

CVSS3: 4.3

debian

почти 6 лет назад

Byobu Apport hook may disclose sensitive information since it automati ...

GHSA-2rpx-jj49-wf29

github

больше 3 лет назад

Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu

EPSS

Процентиль: 66%

0.00524

Низкий

4.3 Medium

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-552