Simple-Wayland-HotKey-Daemon

crates.io6 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting Simple-Wayland-HotKey-Daemonpage 1 of 1

CVE-2022-27814LOWCVSS 3.3EG 3.3✓ Fixed in 1.2.0
2022-04-14
SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option.
CVE-2022-27815HIGHCVSS 7.8EG 7.8✓ Fixed in 1.2.0
2022-03-30
SWHKD 1.1.5 unsafely uses the /tmp/swhkd.pid pathname. There can be an information leak or denial of service.
CVE-2022-27816HIGHCVSS 7.1EG 7.1✓ Fixed in 1.2.0
2022-03-30
SWHKD 1.1.5 unsafely uses the /tmp/swhks.pid pathname. There can be data loss or a denial of service.
CVE-2022-27817MEDIUMCVSS 4.4EG 4.4
2022-04-14
SWHKD 1.1.5 consumes the keyboard events of unintended users. This could potentially cause an information leak, but is usually a denial of functionality.
CVE-2022-27818CRITICALCVSS 9.1EG 9.1✓ Fixed in 1.2.0
2022-04-07
SWHKD 1.1.5 unsafely uses the /tmp/swhkd.sock pathname. There can be an information leak or denial of service.
CVE-2022-27819MEDIUMCVSS 5.3EG 5.3✓ Fixed in 1.2.0
2022-04-07
SWHKD 1.1.5 allows unsafe parsing via the -c option. An information leak might occur but there is a simple denial of service (memory exhaustion) upon an attempt to parse a large or infinite file (such as a block or character device).

Check whether Simple-Wayland-HotKey-Daemon is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for Simple-Wayland-HotKey-Daemon CVEs against the assets you own.

Start Free Scan →