Required CVE Record Information
Description
Temporary data passed between application components by Budgie Extras Dropby applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel.
CVSS 1 Total
| Score | Severity | Version | Vector String |
|---|---|---|---|
| 6.0 | MEDIUM | 3.1 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H |
Credits
- Sam Lane analyst
- David Mohammed remediation verifier
References 3 Total
- https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-27g2-7x65-3cc5 issue-tracking
- https://ubuntu.com/security/notices/USN-6556-1 third-party-advisory
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49343 issue-tracking
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 3 Total
- https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-27g2-7x65-3cc5 issue-trackingx_transferred
- https://ubuntu.com/security/notices/USN-6556-1 third-party-advisoryx_transferred
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49343 issue-trackingx_transferred