Ubuntu Ui Toolkit
Approved changes feed: RSS · Atom
cpe:2.3:a:canonical:ubuntu-ui-toolkit:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Canonical (bedcba35-8c3d-5a60-8532-2ba876a6ec88) |
|---|---|
| Product | Ubuntu Ui Toolkit (3b04498a-146b-5a65-bbe0-52ac4814c3c2) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:gitlab/ubports/ubuntu-ui-toolkit |
purl2cpe | 2026-06-01 10:12:43.421670 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2014-1420 |
vulnerable | 2026-06-03 14:33:46.884453 |
Insecure temp file usage in Ubuntu UI toolkit
LOW (3.8)
On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp/ files which an attacker could use to expose potentially sensitive data. StateSaver would also open files without the O_EXCL flag. An attacker could exploit this to launch a symlink attack, though this is partially mitigated by symlink and hardlink restrictions in Ubuntu. Fixed in 1.1.1188+14.10.20140813.4-0ubuntu1.
Published: 2020-09-10T23:55:14.770Z
Updated: 2024-09-16T17:08:12.605Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.