CVE-2025-5467

It was discovered that processcrash in data/apport in Canonical's Apport crash reporting tool may create crash files with incorrect group ownership, possibly exposing crash information beyond expected or intended groups...

CVE-2025-5467 Ubuntu Apport Insecure File Permissions Vulnerability

It was discovered that processcrash in data/apport in Canonical's Apport crash reporting tool may create crash files with incorrect group ownership, possibly exposing crash information beyond expected or intended groups...

EUVD-2025-202585

It was discovered that processcrash in data/apport in Canonical's Apport crash reporting tool may create crash files with incorrect group ownership, possibly exposing crash information beyond expected or intended groups...

CVE-2025-5467

Technical details for CVE-2025-5467 are not publicly available in the provided documents. No affected products, root cause, or remediation are specified here. Monitor for updates from upstream advisories and connected sources.

Canonical apport 安全漏洞

Canonical apport is an open source crash reporting tool from Canonical. A security vulnerability exists in Canonical apport that stems from improper group ownership settings when the crash reporting tool creates crash files, which could lead to the disclosure of crash information...

XML External Entity (XXE)

quartz is vulnerable to XML external entity XXE attacks. The external DTDs and doctype declarations are not disabled by default, allowing an attacker to access system files, or perform requests on behalf of the server via a malicious XML document. The vulnerability also allows an attacker to...

Apport Arbitrary Code Execution Vulnerability (CNVD-2017-25040)

Ubuntu is a desktop-oriented GNU/Linux operating system developed by Canonical and the Ubuntu Foundation, and Apport is a toolkit that collects and provides feedback on errors information that the operating system finds useful when an application crashes. A security vulnerability exists in Apport...

USN-3354-1: Apport vulnerability

Felix Wilhelm discovered a path traversal vulnerability in Apport when handling the ExecutablePath field in crash files. An attacker could trick a user into opening a specially crafted crash file and execute arbitrary code with the user's privileges...

USN-3354-1 apport vulnerability

Felix Wilhelm discovered a path traversal vulnerability in Apport when handling the ExecutablePath field in crash files. An attacker could trick a user into opening a specially crafted crash file and execute arbitrary code with the user's privileges...

CVE-2016-9951

An issue was discovered in Apport before 2.20.4. A malicious Apport crash file can contain a restart command in RespawnCommand or ProcCmdline fields. This command will be executed if a user clicks the Relaunch button on the Apport prompt from the malicious crash file. The fix is to only show the...