) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- Keyword (text search): cpe:2.3:a:canonical:apport:2.20.1:*:*:*:*:*:*:*
- CPE Name Search: true
There are 3 matching records.
Displaying matches 1 through 3.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-1326 |
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit. Published: April 13, 2023; 7:15:07 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2021-32557 |
It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks. Published: June 12, 2021; 12:15:12 AM -0400 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0: 3.6 LOW |
| CVE-2021-32556 |
It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call. Published: June 12, 2021; 12:15:12 AM -0400 |
V4.0:(not available) V3.1: 3.3 LOW V2.0: 2.1 LOW |