Filtered by vendor Apport Project Subscriptions
Filtered by product Apport Subscriptions
Total 24 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-9950 2 Apport Project, Canonical 2 Apport, Ubuntu Linux 2024-11-21 N/A
An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system.
CVE-2016-9949 2 Apport Project, Canonical 2 Apport, Ubuntu Linux 2024-11-21 N/A
An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.
CVE-2015-1338 2 Apport Project, Canonical 2 Apport, Ubuntu Linux 2024-11-21 N/A
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
CVE-2015-1318 1 Apport Project 1 Apport 2024-11-21 N/A
The crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace (container).