canonical apport vulnerabilities and exploits
NA
CVE-2023-1326
A privilege escalation attack was found in apport-cli 2.26.0 and previous versions which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a loca...
Canonical Apport
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
4 GitHub repositories
2.1
CVSSv2
CVE-2021-3709
Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions before 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions before 2.20.1-0ubuntu2.30+esm2; 2.20.9 ...
Canonical Apport 2.14.1-0ubuntu1
Canonical Apport 2.14.1-0ubuntu2
Canonical Apport 2.14.1-0ubuntu3.1
Canonical Apport 2.14.1-0ubuntu3.2
Canonical Apport 2.14.1-0ubuntu3.3
Canonical Apport 2.14.1-0ubuntu3.4
Canonical Apport 2.14.1-0ubuntu3.5
Canonical Apport 2.14.1-0ubuntu3.6
Canonical Apport 2.14.1-0ubuntu3.7
Canonical Apport 2.14.1-0ubuntu3.8
Canonical Apport 2.14.1-0ubuntu3.9
Canonical Apport 2.14.1-0ubuntu3.10
Canonical Apport 2.14.1-0ubuntu3.11
Canonical Apport 2.14.1-0ubuntu3.12
Canonical Apport 2.14.1-0ubuntu3.13
Canonical Apport 2.14.1-0ubuntu3.14
Canonical Apport 2.14.1-0ubuntu3.15
Canonical Apport 2.14.1-0ubuntu3.16
Canonical Apport 2.14.1-0ubuntu3.17
Canonical Apport 2.14.1-0ubuntu3.18
Canonical Apport 2.14.1-0ubuntu3.19
Canonical Apport 2.14.1-0ubuntu3.20
4.7
CVSSv2
CVE-2021-3710
An information disclosure via path traversal exists in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions before 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions before 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions before 2.20.9-0ubuntu7.26; 2.20.11 versions ...
Canonical Apport 2.14.1-0ubuntu1
Canonical Apport 2.14.1-0ubuntu2
Canonical Apport 2.14.1-0ubuntu3
Canonical Apport 2.14.1-0ubuntu3.1
Canonical Apport 2.14.1-0ubuntu3.2
Canonical Apport 2.14.1-0ubuntu3.3
Canonical Apport 2.14.1-0ubuntu3.4
Canonical Apport 2.14.1-0ubuntu3.5
Canonical Apport 2.14.1-0ubuntu3.6
Canonical Apport 2.14.1-0ubuntu3.7
Canonical Apport 2.14.1-0ubuntu3.8
Canonical Apport 2.14.1-0ubuntu3.9
Canonical Apport 2.14.1-0ubuntu3.10
Canonical Apport 2.14.1-0ubuntu3.11
Canonical Apport 2.14.1-0ubuntu3.12
Canonical Apport 2.14.1-0ubuntu3.13
Canonical Apport 2.14.1-0ubuntu3.14
Canonical Apport 2.14.1-0ubuntu3.15
Canonical Apport 2.14.1-0ubuntu3.16
Canonical Apport 2.14.1-0ubuntu3.17
Canonical Apport 2.14.1-0ubuntu3.18
Canonical Apport 2.14.1-0ubuntu3.19
2.1
CVSSv2
CVE-2021-32548
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
2.1
CVSSv2
CVE-2021-32547
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
2.1
CVSSv2
CVE-2021-32552
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
2.1
CVSSv2
CVE-2021-32556
It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call.
Canonical Apport
2.1
CVSSv2
CVE-2021-32549
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
2.1
CVSSv2
CVE-2021-32550
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
2.1
CVSSv2
CVE-2021-32551
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10