CVE-2020-27349

CVE-2020-27349: aptdaemon performed policykit permissions checks too late

Vendor Canonical
Product aptdaemon
Weakness CWE-862 · Missing authorization
Published December 9, 2020
Last update September 16, 2024

CVSS base score

What the vulnerability does

01Description

Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.

Key dates

02Disclosure timeline

December 9, 2020 CVE published
September 16, 2024 Record updated