6 matches found
CVE-2021-32550
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users...
Open redirect
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users...
CVE-2021-32550 apport read_file() function could follow maliciously constructed symbolic links
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users...
CVE-2021-32550
CVE-2021-32550 affects Ubuntu Apport: read_file() in apport/hookutils.py can follow symbolic links or open FIFOs, enabling a local attacker to access private data via openjdk-14 package apport hooks. Public details identify the vulnerability as local in scope with partial confidentiality impact a...
Arbitrary File Read
apport is vulnerable to arbitrary file read. The addinfo function allows arbitrary file read in openjdk-14...
CVE-2021-32550
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users...