aptdaemon@1.0 vulnerabilities

DBus driven daemon for APT

latest version

1.1.1
first published

14 years ago
latest version published

11 years ago
licenses detected
- LGPL-3.0
  [0,)
View aptdaemon package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the aptdaemon package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Improper Input Validation aptdaemon is a DBus driven daemon for APT Affected versions of this package are vulnerable to Improper Input Validation on the `Locale` property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an unprivileged user can check for the existence of any files on the system as root. How to fix Improper Input Validation? There is no fixed version for `aptdaemon`.	[0,)

Improper Input Validation

aptdaemon is a DBus driven daemon for APT

Affected versions of this package are vulnerable to Improper Input Validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an unprivileged user can check for the existence of any files on the system as root.

How to fix Improper Input Validation?

There is no fixed version for aptdaemon.

[0,)

Go back to all versions of this package

aptdaemon@1.0 vulnerabilities

DBus driven daemon for APT

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities