CVE-2019-7306

Description

Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Affected products

Canonical / byobuunspecified – 5.128-0ubuntu1

References

CONFIRMhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7306
MISChttps://bugs.launchpad.net/ubuntu/+source/byobu/+bug/1827202