6 matches found
CVE-2021-3709
Function checkattachmentforerrors in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to...
CVE-2021-3709
CVE-2021-3709 affects Apport. The issue arises from function check_attachment_for_errors() in data/general-hooks/ubuntu.py, which could be tricked by a constructed crash file to expose private data. Affected versions include apport 2.14.1 before 2.14.1-0ubuntu3.29+esm8; 2.20.1 before 2.20.1-0ubun...
CVE-2021-3709 Apport file permission bypass through emacs byte compilation errors
Function checkattachmentforerrors in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to...
Ubuntu 18.04 LTS / 20.04 LTS : Apport vulnerabilities (USN-5077-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5077-1 advisory. Maik Mnch and Stephen Rttger discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use...
CVE-2021-3709
Function checkattachmentforerrors in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to...
Ubuntu 16.04 ESM : Apport vulnerabilities (USN-5077-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5077-2 advisory. USN-5077-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...