Vulnerabilities > Canonical > Apport > 2.14.1.0ubuntu3.28
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-13 | CVE-2023-1326 | Improper Privilege Management vulnerability in Canonical Apport A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. | 7.8 |
| 2021-10-01 | CVE-2021-3709 | Path Traversal vulnerability in Canonical Apport Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. | 5.5 |
| 2021-10-01 | CVE-2021-3710 | Path Traversal vulnerability in Canonical Apport An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). | 5.5 |
| 2021-06-12 | CVE-2021-32556 | OS Command Injection vulnerability in Canonical Apport It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call. | 3.3 |
| 2021-06-12 | CVE-2021-32557 | Link Following vulnerability in Canonical Apport It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks. | 7.1 |
| 2019-04-22 | CVE-2015-1341 | Permissions, Privileges, and Access Controls vulnerability in Canonical Apport and Ubuntu Linux Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path. | 7.8 |