CVE-2023-49347

Sažetak

Temporary data passed between application components by Budgie Extras Windows Previews could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may read private information from windows, present false information to users, or deny access to the application.

Reference

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49347
https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-xxfq-fqfp-cpvj
https://ubuntu.com/security/notices/USN-6556-1

CVSS

Base:	7.8
Impact:	5.9
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

20-12-2023 - 20:41

Objavljeno

14-12-2023 - 22:15