{"id":"CVE-2022-46338","details":"g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to make supported device nodes world-readable and writable, allowing any process on the system to read traffic from keyboards, including sensitive data.","modified":"2026-03-14T11:55:38.407856Z","published":"2022-11-30T06:15:11.563Z","references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00002.html"},{"type":"REPORT","url":"https://bugs.debian.org/1024998"},{"type":"FIX","url":"https://github.com/MatMoul/g810-led/pull/297"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/MatMoul/g810-led","events":[{"introduced":"0"},{"last_affected":"5ee810a520f809e65048de8a8ce24bac0ce34490"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.4.2"}]}}],"versions":["OldCode","v0.0.2","v0.1.0","v0.1.1","v0.1.2","v0.1.3","v0.1.4","v0.1.6","v0.1.7","v0.1.8","v0.1.9","v0.2.0","v0.2.1","v0.2.2","v0.2.3","v0.2.4","v0.2.5","v0.2.6","v0.2.7","v0.2.8","v0.2.9","v0.3.0","v0.3.1","v0.3.2","v0.3.3","v0.3.4","v0.3.5","v0.3.6","v0.3.7","v0.3.8","v0.3.9","v0.4.0","v0.4.1","v0.4.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-46338.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"10.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}]}