Vulnerabilities > Apport Project > Apport > 2.20.10
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-29 | CVE-2019-7307 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apport Project Apport Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml file, which allows a local attacker to replace this file with a symlink to any other file on the system and so cause Apport to include the contents of this other file in the resulting crash report. | 7.0 |