Debian Kinit vulnerabilities

1 known vulnerability affecting debian/kinit.

Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1

Vulnerabilities

Page 1 of 1
CVE-2016-3100HIGHCVSS 8.4fixed in kinit 5.23.0-1 (bookworm)2016
CVE-2016-3100 [HIGH] CVE-2016-3100: kinit - kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth... kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file. Scope: local bookworm: resolved (fixed in 5.23.0-1) bullseye: resolved (fixed in 5.23.0-1) forky: resolved (fixed in 5.23.0-1) sid: res
debian