Packagekit Project - Packagekit CVE

Filtered by vendor Packagekit Project Subscribe

Filtered by product Packagekit

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-16122	2 Canonical, Packagekit Project	2 Ubuntu Linux, Packagekit	2021-04-14	2.1 LOW	7.8 HIGH
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages.

Vulnerabilities (CVE)