Known Vulnerabilities for Polkit by Polkit Project
Listed below are 10 of the newest known vulnerabilities associated with "Polkit" by "Polkit Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34397 json | Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From versions 2.0.0-alpha to before 2.3.9 an... | Not Provided | 2026-04-01 | 2026-04-04 |
| CVE-2026-4897 json | A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the `po... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2021-4115 json | There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhau... | 5.5 - MEDIUM | 2022-02-21 | 2023-11-07 |
| CVE-2021-4034 json | A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool desi... | 7.8 - HIGH | 2022-01-28 | 2023-11-07 |
| CVE-2021-3560 json | It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges o... | 7.8 - HIGH | 2022-02-16 | 2023-11-07 |
| CVE-2019-6133 json | In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and ther... | 6.7 - MEDIUM | 2019-01-11 | 2020-08-24 |
| CVE-2018-19788 json | A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute a... | 8.8 - HIGH | 2018-12-03 | 2019-08-06 |
| CVE-2018-1116 json | A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authori... | 4.4 - MEDIUM | 2018-07-10 | 2020-05-05 |
| CVE-2015-4625 json | Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to... | 4.6 - MEDIUM | 2015-10-26 | 2018-10-30 |
| CVE-2015-3256 json | PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (memory corruption and polkitd daemon cra... | 4.6 - MEDIUM | 2015-10-26 | 2018-10-30 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Polkit Project | Polkit | 0.99 | |||
| Application | Polkit Project | Polkit | 0.98 | |||
| Application | Polkit Project | Polkit | 0.97 | |||
| Application | Polkit Project | Polkit | 0.96 | |||
| Application | Polkit Project | Polkit | 0.95 | |||
| Application | Polkit Project | Polkit | 0.94 | |||
| Application | Polkit Project | Polkit | 0.93 | |||
| Application | Polkit Project | Polkit | 0.92 | |||
| Application | Polkit Project | Polkit | 0.91 | |||
| Application | Polkit Project | Polkit | 0.9 | |||
| Application | Polkit Project | Polkit | 0.8 | |||
| Application | Polkit Project | Polkit | 0.7 | |||
| Application | Polkit Project | Polkit | 0.6 | |||
| Application | Polkit Project | Polkit | 0.5 | |||
| Application | Polkit Project | Polkit | 0.4 | |||
| Application | Polkit Project | Polkit | 0.3 | |||
| Application | Polkit Project | Polkit | 0.116 | |||
| Application | Polkit Project | Polkit | 0.115 | |||
| Application | Polkit Project | Polkit | 0.114 | |||
| Application | Polkit Project | Polkit | 0.113 |