{"id":"USN-4958-1","summary":"caribou vulnerability","details":"It was discovered that the Caribou onscreen keyboard could be made\nto crash when given certain input values. An attacker could use this\nto bypass screen-locking applications that support using Caribou as\nan input mechanism.\n","modified":"2026-04-22T10:14:40.026526Z","published":"2021-05-17T22:50:01Z","references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4958-1"},{"type":"REPORT","url":"https://launchpad.net/bugs/1912060"}],"affected":[{"package":{"name":"caribou","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/caribou@0.4.21-7ubuntu0.20.04.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.4.21-7ubuntu0.20.04.1"}]}],"versions":["0.4.21-7"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"caribou","binary_version":"0.4.21-7ubuntu0.20.04.1"},{"binary_name":"caribou-antler","binary_version":"0.4.21-7ubuntu0.20.04.1"},{"binary_name":"gir1.2-caribou-1.0","binary_version":"0.4.21-7ubuntu0.20.04.1"},{"binary_name":"libcaribou-common","binary_version":"0.4.21-7ubuntu0.20.04.1"},{"binary_name":"libcaribou-gtk-module","binary_version":"0.4.21-7ubuntu0.20.04.1"},{"binary_name":"libcaribou-gtk3-module","binary_version":"0.4.21-7ubuntu0.20.04.1"},{"binary_name":"libcaribou0","binary_version":"0.4.21-7ubuntu0.20.04.1"}]},"database_specific":{"cves_map":{"cves":[],"ecosystem":"Ubuntu:20.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4958-1.json"}}],"schema_version":"1.7.5"}