CVE-2020-16121
LOWPackageKit - Information Disclosure via Detailed Error Messages
Title source: llmDescription
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.eyecontrol.nl/blog/the-story-of-3-cves-in-ubuntu-desktop.html
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1888887
Scores
CVSS v3
3.3
EPSS
0.0010
EPSS Percentile
27.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-209
Status
published
Products (2)
canonical/ubuntu_linux
20.04
packagekit_project/packagekit
Published
Nov 07, 2020
Tracked Since
Feb 18, 2026