Canonical Aptdaemon vulnerabilities
3 known vulnerabilities affecting canonical/aptdaemon.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM1LOW2
Vulnerabilities
Page 1 of 1
CVE-2020-27349MEDIUMCVSS 5.5≥ 1.1.1+bzr982-0ubuntu14, < 1.1.1+bzr982-0ubuntu14.5≥ 1.1.1+bzr982-0ubuntu19, < 1.1.1+bzr982-0ubuntu19.5+2 more2020-12-09
CVE-2020-27349 [MEDIUM] CWE-862 CVE-2020-27349: Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevate
Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.
cvelistv5nvd
CVE-2020-16128LOWCVSS 3.8≥ 1.1.1+bzr982-0ubuntu14, < 1.1.1+bzr982-0ubuntu14.5≥ 1.1.1+bzr982-0ubuntu19, < 1.1.1+bzr982-0ubuntu19.5+2 more2020-12-09
CVE-2020-16128 [LOW] CWE-209 CVE-2020-16128: The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket p
The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.
cvelistv5nvd
CVE-2020-15703LOWCVSS 3.3≥ unspecified, < 1.1.1+bzr982-0ubuntu32.2≥ unspecified, < 1.1.1+bzr982-0ubuntu19.4+1 more2020-10-31
CVE-2020-15703 [MEDIUM] CWE-22 CVE-2020-15703: There is no input validation on the Locale property in an apt transaction. An unprivileged user can
There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an unprivileged user can check for the existence of any files on
cvelistv5nvd