Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-16127 | 1 Freedesktop | 1 Accountsservice | 2024-11-21 | 2.1 LOW | 2.8 LOW |
|
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled ~/.pam_environment files, allowing an infinite loop if /dev/zero is symlinked to this location.
|
|||||
| CVE-2020-16126 | 1 Freedesktop | 1 Accountsservice | 2024-11-21 | 2.1 LOW | 3.3 LOW |
|
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion.
|
|||||
| CVE-2018-14036 | 1 Freedesktop | 1 Accountsservice | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.
|
|||||