USN-4958-1
- Source
- https://ubuntu.com/security/notices/USN-4958-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4958-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-4958-1
- Published
- 2021-05-17T22:50:01Z
- Modified
- 2026-04-22T10:14:40.026526Z
- Summary
- caribou vulnerability
- Details
-
It was discovered that the Caribou onscreen keyboard could be made to crash when given certain input values. An attacker could use this to bypass screen-locking applications that support using Caribou as an input mechanism.
- References
Affected packages
Ubuntu:20.04:LTS / caribou
Package
- Name
- caribou
- Purl
- pkg:deb/ubuntu/caribou@0.4.21-7ubuntu0.20.04.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.4.21-7ubuntu0.20.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "0.4.21-7ubuntu0.20.04.1",
"binary_name": "caribou"
},
{
"binary_version": "0.4.21-7ubuntu0.20.04.1",
"binary_name": "caribou-antler"
},
{
"binary_version": "0.4.21-7ubuntu0.20.04.1",
"binary_name": "gir1.2-caribou-1.0"
},
{
"binary_version": "0.4.21-7ubuntu0.20.04.1",
"binary_name": "libcaribou-common"
},
{
"binary_version": "0.4.21-7ubuntu0.20.04.1",
"binary_name": "libcaribou-gtk-module"
},
{
"binary_version": "0.4.21-7ubuntu0.20.04.1",
"binary_name": "libcaribou-gtk3-module"
},
{
"binary_version": "0.4.21-7ubuntu0.20.04.1",
"binary_name": "libcaribou0"
}
]
}