Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/06/13 2:34 a.m.6 views

CVE-2026-54230 Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites

A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the ONOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and...

7CVSS5.5AI score0.0014EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.6 views

Canonical apport 安全漏洞

Canonical apport is an open source crash reporting tool from Canonical. A security vulnerability exists in Canonical apport that stems from improper group ownership settings when the crash reporting tool creates crash files, which could lead to the disclosure of crash information...

8.8CVSS6.3AI score0.03239EPSS
Exploits13References2
Fedora
Fedora
added 2025/12/09 1:38 a.m.9 views

[SECURITY] Fedora 41 Update: abrt-2.17.8-1.fc41

abrt is a tool to help users to detect defects in applications and to create a bug report with all information needed by maintainer to fix it. It uses plugin system to extend its functionality...

8.8CVSS6.3AI score0.00585EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2015/11/23 9:21 a.m.3 views

libreport: Possible private data leak in Bugzilla bugs opened by ABRT

It was found that ABRT may have exposed non-public information to Red Hat Bugzilla during crash reporting. A bug in the libreport library caused changes made by a user in files included in a crash report to be discarded. As a result, Red Hat Bugzilla attachments may contain data that was not...

5CVSS5.7AI score0.02769EPSS
Exploits0References4
Rows per page
Query Builder