Detailed Error Messages in PackageKit Expose File Presence and Mimetype Vulnerability

Detailed Error Messages in PackageKit Expose File Presence and Mimetype Vulnerability

CVE-2020-16121 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.

Learn more about our User Device Pen Test.