{"vulnerability": "CVE-2020-28049", "sightings": [{"uuid": "c4c9f533-98c7-4bd0-8372-a3a73b6f5621", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28049", "type": "seen", "source": "https://t.me/cibsecurity/15843", "content": "\u203c CVE-2020-28049 \u203c\n\nAn issue was discovered in SDDM before 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display contents and, for example, intercept keystrokes or access the clipboard. This is caused by a race condition during Xauthority file creation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-04T22:42:36.000000Z"}]}