EUVD-2021-19400

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Read_file in apport/hookutils.py may expose private data to local users through symbolic links.

Reporter	Title	Published	Views	Family All 17
CNNVD	Ubuntu Apport 后置链接漏洞	26 May 202100:00	–	cnnvd
CVE	CVE-2021-32555	12 Jun 202103:40	–	cve
Cvelist	CVE-2021-32555 apport read_file() function could follow maliciously constructed symbolic links	12 Jun 202103:40	–	cvelist
NVD	CVE-2021-32555	12 Jun 202104:15	–	nvd
OpenVAS	Ubuntu: Security Advisory (USN-4965-1)	26 May 202100:00	–	openvas
OpenVAS	Ubuntu: Security Advisory (USN-4965-2)	26 Aug 202200:00	–	openvas
OSV	UBUNTU-CVE-2021-32555	25 May 202100:00	–	osv
OSV	USN-4965-1 apport vulnerabilities	25 May 202116:52	–	osv
OSV	USN-4965-2 apport vulnerabilities	25 May 202118:20	–	osv
Prion	Open redirect	12 Jun 202104:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "bc05c738-0a38-3808-9de6-5c34d4a7ff6c",
        "vendor": {
          "name": "Canonical"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "2215e00f-aa70-3844-91f6-5096feb31a9d",
        "product": {
          "name": "Apport"
        },
        "product_version": "2.20.1 <2.20.1-0ubuntu2.30+esm1"
      },
      {
        "id": "44335568-b12a-3570-bb9e-3f91b4173017",
        "product": {
          "name": "Apport"
        },
        "product_version": "2.14.1-0ubuntu3 <2.14.1-0ubuntu3.29+esm7"
      },
      {
        "id": "6d1a5bb0-f49a-3b1e-b582-b9e9e62eba2b",
        "product": {
          "name": "Apport"
        },
        "product_version": "2.20.9 <2.20.9-0ubuntu7.24"
      },
      {
        "id": "808e0484-e520-3565-922d-ef81f2d4fc12",
        "product": {
          "name": "Apport"
        },
        "product_version": "2.20.11-0ubuntu27 <2.20.11-0ubuntu27.18"
      },
      {
        "id": "8f45f5be-d546-36a6-ab34-1395aa640b0d",
        "product": {
          "name": "Apport"
        },
        "product_version": "2.20.11-0ubuntu65 <2.20.11-0ubuntu65.1"
      },
      {
        "id": "e129ac79-a825-3345-a9d7-0df05c9ed601",
        "product": {
          "name": "Apport"
        },
        "product_version": "2.20.11-0ubuntu50 <2.20.11-0ubuntu50.7"
      }
    ]
  }
]

Source	Link
suse	www.suse.com/security/cve/CVE-2021-32555.html
ubuntu	www.ubuntu.com/security/CVE-2021-32555
bugs	www.bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.15.5 - 7.3

CVSS 22.1

EPSS0.00055

apport hookutils symbolic links private data local users