Generation of Error Message Containing Sensitive Information
CVE-2020-16121
Summary
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
- LOW
- LOCAL
- NONE
- UNCHANGED
- NONE
- LOW
- LOW
- NONE
CWE-209 - Generation of Error Message Containing Sensitive Information
The software generates an error message that includes sensitive information about its environment, users, or associated data.
References
Advisory Timeline
- Published