Filtered by vendor Apport Project
Subscriptions
Filtered by product Apport
Subscriptions
Total
24 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-9950 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2024-11-21 | N/A |
An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system. | ||||
CVE-2016-9949 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2024-11-21 | N/A |
An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code. | ||||
CVE-2015-1338 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2024-11-21 | N/A |
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log. | ||||
CVE-2015-1318 | 1 Apport Project | 1 Apport | 2024-11-21 | N/A |
The crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace (container). |