Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical apport vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2022-28652
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack
Apport Project Apport
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
5.5
CVSSv3
CVE-2022-28654
is_closing_session() allows users to fill up apport.log
Apport Project Apport
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 21.10
7.1
CVSSv3
CVE-2022-28655
is_closing_session() allows users to create arbitrary tcp dbus connections
Apport Project Apport
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 21.10
5.5
CVSSv3
CVE-2022-28656
is_closing_session() allows users to consume RAM in the Apport process
Apport Project Apport
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 21.10
7.8
CVSSv3
CVE-2022-28657
Apport does not disable python crash handler before entering chroot
Apport Project Apport
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 21.10
5.5
CVSSv3
CVE-2022-28658
Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing
Apport Project Apport
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 21.10
7.8
CVSSv3
CVE-2023-1326
A privilege escalation attack was found in apport-cli 2.26.0 and previous versions which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a loca...
Canonical Apport
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
5 Github repositories
5.5
CVSSv3
CVE-2021-3709
Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions before 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions before 2.20.1-0ubuntu2.30+esm2; 2.20.9 ...
Canonical Apport 2.14.1-0ubuntu1
Canonical Apport 2.14.1-0ubuntu2
Canonical Apport 2.14.1-0ubuntu3
Canonical Apport 2.14.1-0ubuntu3.1
Canonical Apport 2.14.1-0ubuntu3.2
Canonical Apport 2.14.1-0ubuntu3.3
Canonical Apport 2.14.1-0ubuntu3.4
Canonical Apport 2.14.1-0ubuntu3.5
Canonical Apport 2.14.1-0ubuntu3.6
Canonical Apport 2.14.1-0ubuntu3.7
Canonical Apport 2.14.1-0ubuntu3.8
Canonical Apport 2.14.1-0ubuntu3.9
Canonical Apport 2.14.1-0ubuntu3.10
Canonical Apport 2.14.1-0ubuntu3.11
Canonical Apport 2.14.1-0ubuntu3.12
Canonical Apport 2.14.1-0ubuntu3.13
Canonical Apport 2.14.1-0ubuntu3.14
Canonical Apport 2.14.1-0ubuntu3.15
Canonical Apport 2.14.1-0ubuntu3.16
Canonical Apport 2.14.1-0ubuntu3.17
Canonical Apport 2.14.1-0ubuntu3.18
Canonical Apport 2.14.1-0ubuntu3.19
5.5
CVSSv3
CVE-2021-3710
An information disclosure via path traversal exists in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions before 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions before 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions before 2.20.9-0ubuntu7.26; 2.20.11 versions ...
Canonical Apport 2.14.1-0ubuntu1
Canonical Apport 2.14.1-0ubuntu2
Canonical Apport 2.14.1-0ubuntu3
Canonical Apport 2.14.1-0ubuntu3.1
Canonical Apport 2.14.1-0ubuntu3.2
Canonical Apport 2.14.1-0ubuntu3.3
Canonical Apport 2.14.1-0ubuntu3.4
Canonical Apport 2.14.1-0ubuntu3.5
Canonical Apport 2.14.1-0ubuntu3.6
Canonical Apport 2.14.1-0ubuntu3.7
Canonical Apport 2.14.1-0ubuntu3.8
Canonical Apport 2.14.1-0ubuntu3.9
Canonical Apport 2.14.1-0ubuntu3.10
Canonical Apport 2.14.1-0ubuntu3.11
Canonical Apport 2.14.1-0ubuntu3.12
Canonical Apport 2.14.1-0ubuntu3.13
Canonical Apport 2.14.1-0ubuntu3.14
Canonical Apport 2.14.1-0ubuntu3.15
Canonical Apport 2.14.1-0ubuntu3.16
Canonical Apport 2.14.1-0ubuntu3.17
Canonical Apport 2.14.1-0ubuntu3.18
Canonical Apport 2.14.1-0ubuntu3.19
5.5
CVSSv3
CVE-2021-32547
It exists that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.10
Canonical Ubuntu Linux 21.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »