vulnerability

Debian: CVE-2023-49345: budgie-extras -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:L/AC:L/Au:M/C:N/I:C/A:C)	Dec 14, 2023	May 15, 2025	Mar 30, 2026

Severity

CVSS

(AV:L/AC:L/Au:M/C:N/I:C/A:C)

Published

Dec 14, 2023

Added

May 15, 2025

Modified

Mar 30, 2026

Description

Temporary data passed between application components by Budgie Extras Takeabreak applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel.

Solution

no-fix-debian-deb-package

References

CVE-2023-49345
https://attackerkb.com/topics/CVE-2023-49345
CWE-377
CWE-668
EUVD-EUVD-2023-53328
https://euvd.enisa.europa.eu/vulnerability/EUVD-2023-53328

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report