Описание
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | PackageKit | Out of support scope | ||
| Red Hat Enterprise Linux 7 | PackageKit | Out of support scope | ||
| Red Hat Enterprise Linux 8 | PackageKit | Fix deferred |
Показывать по
10
Ссылки на источники
Дополнительная информация
Статус:
Low
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1884560PackageKit: local attacker could use this issue to learn the MIME type of any file on the system
2.5 Low
CVSS3
Связанные уязвимости
CVSS3: 3.3
ubuntu
больше 5 лет назад
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
CVSS3: 3.3
nvd
больше 5 лет назад
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
CVSS3: 3.3
debian
больше 5 лет назад
PackageKit provided detailed error messages to unprivileged callers th ...
2.5 Low
CVSS3