Unrated severityNVD Advisory· Published Apr 16, 2014· Updated May 6, 2026
CVE-2013-1764
CVE-2013-1764
Description
The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method.
Affected products
7cpe:2.3:a:packagekit_project:packagekit:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:packagekit_project:packagekit:*:*:*:*:*:*:*:*range: <=0.8.7
- cpe:2.3:a:packagekit_project:packagekit:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:packagekit_project:packagekit:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:packagekit_project:packagekit:0.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:packagekit_project:packagekit:0.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:packagekit_project:packagekit:0.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:packagekit_project:packagekit:0.8.6:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- bugs.freedesktop.org/show_bug.cginvdPatch
- gitorious.org/packagekit/packagekit/source/NEWSnvdVendor Advisory
- lists.opensuse.org/opensuse-updates/2013-06/msg00026.htmlnvd
- www.openwall.com/lists/oss-security/2013/02/25/20nvd
- bugzilla.novell.com/show_bug.cginvd
- gitorious.org/packagekit/packagekit/commit/d3d14631042237bcfe6fb30a60e59bb6d94af425nvd
News mentions
0No linked articles in our index yet.