UBUNTU-CVE-2020-19858

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2020-19858

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-19858.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2020-19858

Related

Published

2022-01-21T13:15:00Z

Modified

2025-06-03T17:34:27Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Platinum Upnp SDK through 1.2.0 has a directory traversal vulnerability. The attack could remote attack victim by sending http://ip:port/../privacy.avi URL to compromise a victim's privacy.

References

Affected packages

Ubuntu:Pro:16.04:LTS / kodi

Package

Name: kodi
Purl: pkg:deb/ubuntu/kodi@15.2+dfsg1-3ubuntu1.1?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

15.*

15.1+dfsg1-3

15.2+dfsg1-1build1

15.2+dfsg1-3

15.2+dfsg1-3ubuntu1

15.2+dfsg1-3ubuntu1.1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / kodi

Package

Name: kodi
Purl: pkg:deb/ubuntu/kodi@2:17.6+dfsg1-1ubuntu1?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2:17.*

2:17.3+dfsg1-3

2:17.3+dfsg1-3build1

2:17.3+dfsg1-5

2:17.3+dfsg1-5build1

2:17.3+dfsg1-5build2

2:17.6+dfsg1-1

2:17.6+dfsg1-1build1

2:17.6+dfsg1-1ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:20.04:LTS / digikam

Package

Name: digikam
Purl: pkg:deb/ubuntu/digikam@4:6.4.0+dfsg-3ubuntu0.1~esm1?arch=source&distro=esm-apps/focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4:6.4.0+dfsg-3ubuntu0.1~esm1

Affected versions

4:5.*

4:5.9.0-1ubuntu4

4:6.*

4:6.4.0+dfsg-3

4:6.4.0+dfsg-3build1

Ecosystem specific

{
    "ubuntu_priority": "medium",
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_name": "digikam",
            "binary_version": "4:6.4.0+dfsg-3ubuntu0.1~esm1"
        },
        {
            "binary_name": "digikam-data",
            "binary_version": "4:6.4.0+dfsg-3ubuntu0.1~esm1"
        },
        {
            "binary_name": "digikam-dbgsym",
            "binary_version": "4:6.4.0+dfsg-3ubuntu0.1~esm1"
        },
        {
            "binary_name": "digikam-private-libs",
            "binary_version": "4:6.4.0+dfsg-3ubuntu0.1~esm1"
        },
        {
            "binary_name": "digikam-private-libs-dbgsym",
            "binary_version": "4:6.4.0+dfsg-3ubuntu0.1~esm1"
        },
        {
            "binary_name": "showfoto",
            "binary_version": "4:6.4.0+dfsg-3ubuntu0.1~esm1"
        },
        {
            "binary_name": "showfoto-dbgsym",
            "binary_version": "4:6.4.0+dfsg-3ubuntu0.1~esm1"
        }
    ]
}

Ubuntu:Pro:20.04:LTS / kodi

Package

Name: kodi
Purl: pkg:deb/ubuntu/kodi@2:18.6+dfsg1-2ubuntu1?arch=source&distro=esm-apps/focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2:17.*

2:17.6+dfsg1-4ubuntu4

2:17.6+dfsg1-4ubuntu9

2:17.6+dfsg1-4ubuntu10

2:18.*

2:18.5+dfsg1-0ubuntu3

2:18.6+dfsg1-2ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / kodi

Package

Name: kodi
Purl: pkg:deb/ubuntu/kodi@2:19.4+dfsg1-2?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2:19.*

2:19.1+dfsg2-2

2:19.3+dfsg1-1

2:19.3+dfsg1-1build2

2:19.3+dfsg1-1build3

2:19.3+dfsg1-1build4

2:19.3+dfsg1-1build5

2:19.4+dfsg1-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.10 / kodi

Package

Name: kodi
Purl: pkg:deb/ubuntu/kodi@2:21.1+dfsg-4?arch=source&distro=oracular

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2:20.*

2:20.5+dfsg-1build2

2:20.5+dfsg-2

2:20.5+dfsg-4

2:20.5+dfsg-5

2:21.*

2:21.1+dfsg-2

2:21.1+dfsg-4

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / kodi

Package

Name: kodi
Purl: pkg:deb/ubuntu/kodi@2:20.5+dfsg-1ubuntu1?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2:20.*

2:20.2+dfsg-4

2:20.2+dfsg-4build1

2:20.2+dfsg-4build2

2:20.2+dfsg-4ubuntu1

2:20.3+dfsg-1

2:20.4+dfsg-1

2:20.5+dfsg-1build2

2:20.5+dfsg-1ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:25.04 / kodi

Package

Name: kodi
Purl: pkg:deb/ubuntu/kodi@2:21.2+dfsg-1build2?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2:21.*

2:21.1+dfsg-4

2:21.1+dfsg-5

2:21.1+dfsg-5build1

2:21.1+dfsg-6

2:21.2+dfsg-1

2:21.2+dfsg-1build1

2:21.2+dfsg-1build2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}