Unrated severityNVD Advisory· Published Feb 12, 2019· Updated Aug 5, 2024
CVE-2018-20781
CVE-2018-20781
Description
In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<3.27.2+ 1 more
- (no CPE)range: <3.27.2
- (no CPE)range: <3.27.2
Patches
Vulnerability mechanics
References
7- usn.ubuntu.com/3894-1/mitrevendor-advisoryx_refsource_UBUNTU
- bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919mitrex_refsource_MISC
- bugzilla.gnome.org/show_bug.cgimitrex_refsource_MISC
- github.com/huntergregal/mimipenguin/tree/d95f1e08ce79783794f38433bbf7de5abd9792damitrex_refsource_MISC
- gitlab.gnome.org/GNOME/gnome-keyring/issues/3mitrex_refsource_MISC
- gitlab.gnome.org/GNOME/gnome-keyring/tags/3.27.2mitrex_refsource_MISC
- www.oracle.com/security-alerts/cpujan2021.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.