CVE-2026-54231
- EPSS 0.12%
- Veröffentlicht 13.06.2026 02:34:37
- Zuletzt bearbeitet 29.06.2026 17:48:06
A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory wi...
CVE-2026-54230
- EPSS 0.14%
- Veröffentlicht 13.06.2026 02:34:35
- Zuletzt bearbeitet 30.06.2026 03:21:02
A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the O_NOFOLLOW flag. If the target file is replaced with a symlink, the shell pr...
CVE-2011-4088
- EPSS 1.62%
- Veröffentlicht 31.01.2020 17:15:13
- Zuletzt bearbeitet 21.11.2024 01:31:49
ABRT might allow attackers to obtain sensitive information from crash reports.
- EPSS 3.08%
- Veröffentlicht 09.02.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 02:26:17
The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namedspaced environment.