UBUNTU-CVE-2023-49345

Source
https://ubuntu.com/security/CVE-2023-49345
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49345.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2023-49345
Related
Published
2023-12-14T00:00:00Z
Modified
2024-10-15T14:11:51Z
Severity
  • 6.0 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H CVSS Calculator
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Temporary data passed between application components by Budgie Extras Takeabreak applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel.

References

Affected packages

Ubuntu:Pro:18.04:LTS / budgie-extras

Package

Name
budgie-extras
Purl
pkg:deb/ubuntu/budgie-extras?arch=src?distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.3.0-1
0.4.1-0ubuntu1
0.4.2-0ubuntu1
0.4.2-1
0.4.2-1ubuntu1
0.4.3-0ubuntu1
0.4.4-0ubuntu1
0.4.4-0ubuntu1.1
0.4.4-0ubuntu1.2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / budgie-extras

Package

Name
budgie-extras
Purl
pkg:deb/ubuntu/budgie-extras?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.10.1-0ubuntu3
0.91.0-1
0.92.0-1
0.92.0-2
0.93.0-1
0.93.0-2
0.94.0-1
0.95.0-0ubuntu1

1.*

1.0.0-1
1.0.1-1
1.0.1-2
1.0.2-0ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / budgie-extras

Package

Name
budgie-extras
Purl
pkg:deb/ubuntu/budgie-extras?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.0-1ubuntu3.1

Affected versions

1.*

1.3.0-0ubuntu1
1.3.0-1
1.3.90-1
1.3.91-1
1.4.0-1
1.4.0-1ubuntu1
1.4.0-1ubuntu2
1.4.0-1ubuntu3

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-app-launcher-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-applications-menu-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-applications-menu-applet-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-brightness-controller-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-brightness-controller-applet-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-clockworks-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-countdown-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-dropby-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-extras-common"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-extras-daemon"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-extras-daemon-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-fuzzyclock-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-fuzzyclock-applet-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-hotcorners-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-hotcorners-applet-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-kangaroo-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-keyboard-autoswitch-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-network-manager-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-network-manager-applet-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-previews"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-previews-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-previews-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-quickchar"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-quicknote-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-quicknote-applet-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-recentlyused-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-recentlyused-applet-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-rotation-lock-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-showtime-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-showtime-applet-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-takeabreak-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-trash-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-trash-applet-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-visualspace-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-visualspace-applet-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-wallstreet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-wallstreet-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-weathershow-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-weathershow-applet-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-window-shuffler"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-window-shuffler-dbgsym"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-workspace-stopwatch-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-workspace-wallpaper-applet"
        },
        {
            "binary_version": "1.4.0-1ubuntu3.1",
            "binary_name": "budgie-workspace-wallpaper-applet-dbgsym"
        }
    ]
}

Ubuntu:24.10 / budgie-extras

Package

Name
budgie-extras
Purl
pkg:deb/ubuntu/budgie-extras?arch=src?distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.8.0-1build3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / budgie-extras

Package

Name
budgie-extras
Purl
pkg:deb/ubuntu/budgie-extras?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.7.0-3
1.7.1-1
1.8.0-1
1.8.0-1build2
1.8.0-1build3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}