vulnerability
CentOS Linux: CVE-2019-14822: Moderate: ibus and glib2 security and bug fix update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:L/Au:N/C:P/I:P/A:N) | Nov 25, 2019 | Apr 29, 2020 | May 25, 2023 |
Severity
4
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:N)
Published
Nov 25, 2019
Added
Apr 29, 2020
Modified
May 25, 2023
Description
A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user.
Solution(s)
centos-upgrade-glib2centos-upgrade-glib2-debuginfocentos-upgrade-glib2-debugsourcecentos-upgrade-glib2-develcentos-upgrade-glib2-devel-debuginfocentos-upgrade-glib2-doccentos-upgrade-glib2-famcentos-upgrade-glib2-fam-debuginfocentos-upgrade-glib2-staticcentos-upgrade-glib2-testscentos-upgrade-glib2-tests-debuginfocentos-upgrade-ibuscentos-upgrade-ibus-debuginfocentos-upgrade-ibus-debugsourcecentos-upgrade-ibus-develcentos-upgrade-ibus-devel-docscentos-upgrade-ibus-gtk2centos-upgrade-ibus-gtk2-debuginfocentos-upgrade-ibus-gtk3centos-upgrade-ibus-gtk3-debuginfocentos-upgrade-ibus-libscentos-upgrade-ibus-libs-debuginfocentos-upgrade-ibus-pygtk2centos-upgrade-ibus-setupcentos-upgrade-ibus-tests-debuginfocentos-upgrade-ibus-waylandcentos-upgrade-ibus-wayland-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.