CVE-2023-49347 — Vulnetix

CVE-2023-49347 PUBLISHED CVSS 6 MEDIUM

Temporary data passed between application components by Budgie Extras Windows Previews could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may read private information from windows, present false information to users, or deny access to the application.

EPSS 0.05% · 17.7th percentile

Risk Scores

CVSS 3.1

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

EPSS Score

0.05%

17.7th percentile

Affected Products

Vendor	Product	Versions
Ubuntu Budgie	Budgie Extras	v1.4.0
ubuntubudgie	budgie_extras	1.4.0

Exploit Intelligence

Timeline

Dec 14, 2023 CVE Published
Dec 15, 2023 EPSS Score
Jan 13, 2024 EPSS Score
Feb 11, 2024 EPSS Score
Mar 12, 2024 EPSS Score
Apr 10, 2024 EPSS Score
May 9, 2024 EPSS Score
Jun 7, 2024 EPSS Score
Jul 6, 2024 EPSS Score
Aug 2, 2024 CVE Updated
Aug 4, 2024 EPSS Score
Sep 3, 2024 EPSS Score

References

https://ubuntu.com/security/notices/USN-6556-1 third-party-advisory
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49347 issue
https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-xxfq-fqfp-cpvj issue

Open in Interactive Console →