vulnerability
Amazon Linux AMI 2: CVE-2019-14822: Security patch for ibus (ALAS-2020-1555)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:L/Au:N/C:P/I:P/A:N) | Nov 25, 2019 | Nov 12, 2020 | Sep 30, 2022 |
Severity
4
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:N)
Published
Nov 25, 2019
Added
Nov 12, 2020
Modified
Sep 30, 2022
Description
A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user.
Solutions
amazon-linux-ami-2-upgrade-ibusamazon-linux-ami-2-upgrade-ibus-debuginfoamazon-linux-ami-2-upgrade-ibus-develamazon-linux-ami-2-upgrade-ibus-devel-docsamazon-linux-ami-2-upgrade-ibus-gtk2amazon-linux-ami-2-upgrade-ibus-gtk3amazon-linux-ami-2-upgrade-ibus-libsamazon-linux-ami-2-upgrade-ibus-pygtk2amazon-linux-ami-2-upgrade-ibus-setup
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.