Vulnerabilities > Canonical > Apport > 2.20.11.0ubuntu27.17
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-13 | CVE-2023-1326 | Improper Privilege Management vulnerability in Canonical Apport A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. | 7.8 |
| 2021-10-01 | CVE-2021-3709 | Path Traversal vulnerability in Canonical Apport Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. | 5.5 |
| 2021-10-01 | CVE-2021-3710 | Path Traversal vulnerability in Canonical Apport An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). | 5.5 |
| 2021-06-12 | CVE-2021-32556 | OS Command Injection vulnerability in Canonical Apport It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call. | 3.3 |
| 2021-06-12 | CVE-2021-32557 | Link Following vulnerability in Canonical Apport It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks. | 7.1 |