CVE-2026-54230

A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the ONOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and...

CVE-2026-54231 Abrt: unsanitized systemd journal content written to dump directory files enables content injection

A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory without sanitizing embedded control characters. A...

CVE-2026-54231

CVE-2026-54231 affects ABRT’s post-create event handler scripts in libreport. The event script reads journal entries for the crashed process and writes results to files in the dump directory without sanitizing embedded control characters. A local user can inject arbitrary content into the journal...

EUVD-2026-36639

A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the ONOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and...

CVE-2026-54230

CVE-2026-54230 describes a symlink-following vulnerability in ABRT’s libreport post-create event handler scripts. The scripts write output via shell redirections without O_NOFOLLOW, so if a target file is replaced with a symlink, a root process can overwrite arbitrary files on the system. This is...

CVE-2026-54230 Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites

A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the ONOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and...

MiracleLinux 7 : [security - medium] abrt and libreport (AXSA:2015-920:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-920:01 advisory. abrt abrt is a tool to help users to detect defects in applications and to create a bug report with all information needed by maintainer to fix it. I...

MiracleLinux 4 : btparser-0.17-1.AXS4, abrt-2.0.8-15.0.1.AXS4, libreport-2.0.9-15.0.2.AXS4 (AXSA:2013-204:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-204:01 advisory. abrt: abrt is a tool to help users to detect defects in applications and to create a bug report with all informations needed by maintainer to fix it...

MiracleLinux 4 : libreport-2.0.9-25.0.2.AXS4 (AXSA:2015-956:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-956:01 advisory. Libraries providing API for reporting different problems in applications to different bug targets like Bugzilla, ftp, trac, etc... Security issues fixed with...

MiracleLinux 4 : abrt-2.0.8-26.1.0.1.AXS4, libreport-2.0.9-21.1.0.1.AXS4 (AXSA:2015-183:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-183:01 advisory. abrt is a tool to help users to detect defects in applications and to create a bug report with all informations needed by maintainer to fix it. It us...

MiracleLinux 4 : abrt-2.0.8-6.0.1.AXS4, btparser-0.16-3.AXS4, libreport-2.0.9-5.0.1.AXS4, python-meh-0.12.1-3.AXS4 (AXSA:2012-870:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-870:02 advisory. Description of problem: abrt abrt is a tool to help users to detect defects in applications and to create a bug report with all informations needed b...

abrt security update

2.10.9-25.0.1 - Replaces sosreport to sos report in sosreport-event.conf Orabug: 38590929 - abrt-dump-oops-Fix-vmcore-call-trace-parsing-arm Orabug: 34184473 - Disable autoreporting on Oracle Linux Orabug: 32890748 - Add orabug32082455-Upstreamreferenceinpython3-abrt-addon.patch Orabug: 32082455 ...

Oracle Linux 8 : abrt (ELSA-2025-22760)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-22760 advisory. 2.10.9-25.0.1 - Replaces sosreport to sos report in sosreport-event.conf Orabug: 38590929 - abrt-dump-oops-Fix-vmcore-call-trace-parsing-arm Orabug: 34184473 -...

EUVD-2015-5277

Malware in sbrugna...

RHSA-2015:2504 Red Hat Security Advisory: libreport security update

Bulletin has no description...

RHSA-2015:2505 Red Hat Security Advisory: abrt and libreport security update

Bulletin has no description...

RHSA-2013:0215 Red Hat Security Advisory: abrt and libreport security update

Bulletin has no description...

RHSA-2012:0841 Red Hat Security Advisory: abrt, libreport, btparser, and python-meh security and bug fix update

Bulletin has no description...

SUSE CVE-2015-5302

libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the 1 backtrace, 2 cmdline, 3 environ, 4 openfds, 5 maps, 6 smaps, 7 hostname, 8 remote, 9 ks.cfg, or 10...

new packages: libreport

An update is available for libreport. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9....