CVE-2020-16128
3.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Summary
The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Canonical | aptdaemon | 1.1.1+bzr982-0ubuntu14 < 1.1.1+bzr982-0ubuntu14.5 | affected |
| Canonical | aptdaemon | 1.1.1+bzr982-0ubuntu19 < 1.1.1+bzr982-0ubuntu19.5 | affected |
| Canonical | aptdaemon | 1.1.1+bzr982-0ubuntu32 < 1.1.1+bzr982-0ubuntu32.3 | affected |
| Canonical | aptdaemon | 1.1.1+bzr982-0ubuntu34 < 1.1.1+bzr982-0ubuntu34.1 | affected |
Weaknesses
- CWE-209: CWE-209 Information Exposure Through an Error Message
ADP Enrichment
CVE Program Container
Additional References
- https://usn.ubuntu.com/usn/usn-4664-1
- https://bugs.launchpad.net/ubuntu/+source/aptdaemon/+bug/1899513
References
- https://usn.ubuntu.com/usn/usn-4664-1
- https://bugs.launchpad.net/ubuntu/+source/aptdaemon/+bug/1899513
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.