- Home
- CVEs with nessus.description==Two vulnerabilities were found in Policykit, a framework for managing administrative policies and privileges :
CVE-2018-19788
It was discovered that incorrect processing of very high UIDs in Policykit could result in authentication bypass.
CVE-2019-6133
Jann Horn of Google found that Policykit doesn't properly check if a process is already authenticated, which can lead to an authentication reuse by a different user.
For Debian 8 'Jessie', these problems have been fixed in version 0.105-15~deb8u4.
We recommend that you upgrade your policykit-1 packages.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top