3 matches found
CVE-2026-54230
A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the ONOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and...
CVE-2026-54230
CVE-2026-54230 describes a symlink-following vulnerability in ABRT’s libreport post-create event handler scripts. The scripts write output via shell redirections without O_NOFOLLOW, so if a target file is replaced with a symlink, a root process can overwrite arbitrary files on the system. This is...
PT-2026-49076
Name of the Vulnerable Software and Affected Versions libreport affected versions not specified Description A content injection issue exists in the ABRT post-create event handler scripts within libreport. The event script retrieves log entries from the systemd journal for crashed processes and...