Vulnerabilities > Packagekit Project > Packagekit > 0.6.17
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-03 | CVE-2024-0217 | Use After Free vulnerability in multiple products A use-after-free flaw was found in PackageKitd. | 3.3 |
| 2019-11-27 | CVE-2011-2515 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code. | 4.6 |
| 2018-04-23 | CVE-2018-1106 | Improper Authentication vulnerability in multiple products An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. | 2.1 |
| 2014-04-16 | CVE-2013-1764 | Permissions, Privileges, and Access Controls vulnerability in Packagekit Project Packagekit The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method. | 2.1 |