{"id":"CVE-2019-14822","details":"A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user.","modified":"2026-04-16T04:40:08.924964265Z","published":"2019-11-25T12:15:11.427Z","related":["ALSA-2020:1880","SUSE-SU-2019:2387-1","SUSE-SU-2019:2388-1","SUSE-SU-2019:2389-1","SUSE-SU-2019:2427-1","openSUSE-SU-2019:2174-1","openSUSE-SU-2019:2199-1","openSUSE-SU-2024:10853-1"],"references":[{"type":"ADVISORY","url":"https://usn.ubuntu.com/4134-3/"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1717958"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14822"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpuapr2022.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ibus/ibus","events":[{"introduced":"0"},{"fixed":"e3262f08b9e3efc57808700823b0622ec03a1b5f"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.5.22"}]}}],"versions":["0.1.0.20080810","0.1.1.20080812","0.1.1.20080815","0.1.1.20080821","0.1.1.20080823","0.1.1.20080830","0.1.1.20081023","1.1.0.20090211","1.1.0.20090217","1.1.0.20090225","1.1.0.20090306","1.1.0.20090311","1.1.0.20090331","1.1.0.20090407","1.1.0.20090413","1.1.0.20090417","1.1.0.20090423","1.1.0.20090508","1.1.0.20090531","1.1.0.20090609","1.1.0.20090612","1.2.0.20090617","1.2.0.20090722","1.2.0.20090723","1.2.0.20090806","1.2.0.20090807","1.2.0.20090810","1.2.0.20090812","1.2.0.20090828","1.2.0.20090904","1.2.0.20090915","1.2.0.20090927","1.2.0.20091014","1.2.0.20091024","1.2.0.20091124","1.2.0.20091204","1.2.0.20091215","1.2.0.20091225","1.2.0.20100111","1.2.99.20100202","1.2.99.20100322","1.3.0","1.3.1","1.3.2","1.3.3","1.3.4","1.3.5","1.3.6","1.3.7","1.3.8","1.4.0","1.4.1","1.4.99.20121006","1.4.99.20121109","1.5.0","1.5.1","1.5.10","1.5.11","1.5.12","1.5.13","1.5.14","1.5.15","1.5.16","1.5.17","1.5.18","1.5.19","1.5.2","1.5.20","1.5.21","1.5.3","1.5.4","1.5.5","1.5.6","1.5.7","1.5.8","1.5.9","20080901"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-14822.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"19.10"}]},{"events":[{"introduced":"0"},{"last_affected":"8.8"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}]}