PackageKit Project PackageKit 0.6.10

CPE Details

PackageKit Project PackageKit 0.6.10
packagekit_project
packagekit
0.6.10
2019-09-26
13h48 +00:00
2019-09-26
13h48 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:packagekit_project:packagekit:0.6.10:*:*:*:*:*:*:*

Informations

Vendor

packagekit_project

Product

packagekit

Version

0.6.10

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-0217 2024-01-03 17h04 +00:00 A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any previously stored data in this memory region is considered lost.
3.3
Low
CVE-2022-0987 2022-06-28 14h09 +00:00 A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists.
3.3
Low
CVE-2018-1106 2018-04-23 20h00 +00:00 An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system.
5.5
Medium
CVE-2013-1764 2014-04-16 16h00 +00:00 The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method.
2.1