PackageKit Project PackageKit 0.6.17

CPE Details

PackageKit Project PackageKit 0.6.17
packagekit_project
packagekit
0.6.17
2019-09-26
13h48 +00:00
2019-09-26
13h48 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:packagekit_project:packagekit:0.6.17:*:*:*:*:*:*:*

Informations

Vendor

packagekit_project

Product

packagekit

Version

0.6.17

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-0217 2024-01-03 17h04 +00:00 A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any previously stored data in this memory region is considered lost.
3.3
Bas
CVE-2022-0987 2022-06-28 14h09 +00:00 A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists.
3.3
Bas
CVE-2011-2515 2019-11-27 19h18 +00:00 PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.
5.3
Moyen
CVE-2018-1106 2018-04-23 20h00 +00:00 An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system.
5.5
Moyen
CVE-2013-1764 2014-04-16 16h00 +00:00 The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method.
2.1