Apport Project

Apport

24 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2016-9950

Exploit
  • EPSS 2.36%
  • Published 17.12.2016 03:59:00
  • Last modified 12.04.2025 10:46:40

An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-...

9.3

CVE-2016-9949

Exploit
  • EPSS 9.74%
  • Published 17.12.2016 03:59:00
  • Last modified 12.04.2025 10:46:40

An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.

7.2

CVE-2015-1338

Exploit
  • EPSS 0.38%
  • Published 01.10.2015 20:59:02
  • Last modified 12.04.2025 10:46:40

kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.

7.2

CVE-2015-1318

Exploit
  • EPSS 26.7%
  • Published 17.04.2015 17:59:01
  • Last modified 12.04.2025 10:46:40

The crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace (container).