Vulnerabilities > Canonical > Apport > 2.20.9

DATE CVE VULNERABILITY TITLE RISK
2023-04-13 CVE-2023-1326 Improper Privilege Management vulnerability in Canonical Apport
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604.
local
low complexity
canonical CWE-269
7.8
2021-06-12 CVE-2021-32556 OS Command Injection vulnerability in Canonical Apport
It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call.
local
low complexity
canonical CWE-78
3.3
2021-06-12 CVE-2021-32557 Link Following vulnerability in Canonical Apport
It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks.
local
low complexity
canonical CWE-59
7.1