This page aggregates publicly disclosed CVE and security risk information related to uim, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2005-3149 | Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges. | [email protected] | 4.6 | 0.41% | 2005-10-05 | 2026-06-16 |
| CVE-2005-0503 | uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges. | [email protected] | 4.6 | 0.36% | 2005-02-21 | 2026-06-16 |