VDB
CVE-2020-16121
CVE-2020-16121
PUBLISHED
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
EPSS 0.10% · 27.6th percentile
Risk Scores
EPSS Score
0.10%
27.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:20.04:LTS | packagekit | 1.1.12-5ubuntu4, 1.1.13-1, 1.1.13-2 |
| Ubuntu:18.04:LTS | packagekit | 1.1.9-1ubuntu1, 1.1.7-1, 1.1.9-1 |
| Ubuntu:16.04:LTS | packagekit | 0.8.17-4ubuntu6~gcc5.3, 0.8.17-4ubuntu6~gcc5.4ubuntu1, 0.8.17-4ubuntu6~gcc5.4ubuntu1.1 |
Timeline
- Sep 24, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-16121 third-party-advisory
- https://ubuntu.com/security/notices/USN-4538-1 vendor-advisory
- https://www.eyecontrol.nl/blog/the-story-of-3-cves-in-ubuntu-desktop.html third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-16121 third-party-advisory