Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical apport vulnerabilities and exploits
(subscribe to this query)
543
VMScore
CVE-2019-11481
Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Apport Project Apport -
187
VMScore
CVE-2019-11483
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local malicious user to generate a crash report for a privileged process that is readable by an unprivileged user.
Apport Project Apport -
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
NA
CVE-2023-1326
A privilege escalation attack was found in apport-cli 2.26.0 and previous versions which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a loca...
Canonical Apport
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
4 Github repositories
641
VMScore
CVE-2015-1341
Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport prior to 2.19.2 function _python_module_path.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Canonical Apport
641
VMScore
CVE-2015-1324
Apport prior to 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, prior to 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, prior to 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and prior to 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrar...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
436
VMScore
CVE-2013-1067
Apport 2.12.5 and previous versions uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file.
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.04
695
VMScore
CVE-2015-1325
Race condition in Apport prior to 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, prior to 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, prior to 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and prior to 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to...
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
1 EDB exploit
187
VMScore
CVE-2021-32554
It exists that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
187
VMScore
CVE-2021-32550
It exists that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
187
VMScore
CVE-2021-32551
It exists that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »