Security Advisory

CVE-2020-16122

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-11-07 04:10:19

Last updated 2024-09-16 16:13:16

Assigner canonical

State PUBLISHED

Description

PackageKits apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages.

← Browse all CVEs View on cve.org ↗