CVE-2023-49346
CVSS V2 None
CVSS V3 None
Description
Temporary data passed between application components by Budgie Extras WeatherShow applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel.
Overview
- CVE ID
- CVE-2023-49346
- Assigner
- canonical
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-12-14T21:31:25.925Z
- Last Modified Date
- 2023-12-14T21:31:25.925Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-rffw-gg7p-5688 | issue-tracking |
| https://ubuntu.com/security/notices/USN-6556-1 | third-party-advisory |
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49346 | issue-tracking |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-49346 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49346 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 12:45:24 | Added to TrackCVE |