2.1
CVE-2013-1764
- EPSS 0.38%
- Veröffentlicht 16.04.2014 18:37:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Packagekit Project ≫ Packagekit Version <= 0.8.7
Packagekit Project ≫ Packagekit Version0.8.1
Packagekit Project ≫ Packagekit Version0.8.2
Packagekit Project ≫ Packagekit Version0.8.3
Packagekit Project ≫ Packagekit Version0.8.4
Packagekit Project ≫ Packagekit Version0.8.5
Packagekit Project ≫ Packagekit Version0.8.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.298 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:N/I:P/A:N
|
http://lists.opensuse.org/opensuse-updates/2013-06/msg00026.html
http://www.openwall.com/lists/oss-security/2013/02/25/20
https://bugs.freedesktop.org/show_bug.cgi?id=61231
https://bugzilla.novell.com/show_bug.cgi?id=804983
https://gitorious.org/packagekit/packagekit/commit/d3d14631042237bcfe6fb30a60e59bb6d94af425
https://gitorious.org/packagekit/packagekit/source/NEWS