CVE-2020-16121

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.

Published: Nov 7, 2020
Updated: Apr 13, 2023
CVE: CVE-2020-16121
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 3.3
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-209

OWASP TOP 10:

A6 - Security Misconfiguration

Affected Software
References

Software	From	Fixed in
canonical / ubuntu_linux	20.04	20.04.x

https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1888887
https://www.eyecontrol.nl/blog/the-story-of-3-cves-in-ubuntu-desktop.html

Vulnerability Database

289,697

CVE-2020-16121