40 matches found
CVE-2021-32547
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users...
Open redirect
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users...
Open redirect
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users...
Open redirect
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users...
Open redirect
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users...
CVE-2021-32555 apport read_file() function could follow maliciously constructed symbolic links
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users...
CVE-2021-32554 apport read_file() function could follow maliciously constructed symbolic links
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users...
CVE-2021-32553 apport read_file() function could follow maliciously constructed symbolic links
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users...
CVE-2021-32551 apport read_file() function could follow maliciously constructed symbolic links
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users...
CVE-2021-32552 apport read_file() function could follow maliciously constructed symbolic links
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users...
CVE-2021-32550 apport read_file() function could follow maliciously constructed symbolic links
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users...
CVE-2021-32549 apport read_file() function could follow maliciously constructed symbolic links
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users...
CVE-2021-32548 apport read_file() function could follow maliciously constructed symbolic links
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users...
CVE-2021-32547 apport read_file() function could follow maliciously constructed symbolic links
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users...
CVE-2021-32553
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users...
CVE-2021-32550
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users...
UBUNTU-CVE-2021-32552
It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users...
SUSE SLED15 / SLES15 Security Update : opensc (SUSE-SU-2018:3629-1)
This update for opensc fixes the following security issues : CVE-2018-16391: Fixed a denial of service when handling responses from a Muscle Card bsc1106998 CVE-2018-16392: Fixed a denial of service when handling responses from a TCOS Card bsc1106999 CVE-2018-16393: Fixed buffer overflows when...
Double free
A double free when handling responses in readfile in tools/egk-tool.c aka the eGK card tool in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...
OpenSC Double Release Vulnerability (CNVD-2019-28619)
OpenSC is an open source smart card tool and middleware. A double-release vulnerability exists in the 'readfile' function of the tools/egk-tool.c file in versions prior to OpenSC 0.19.0-rc1. An attacker can exploit this vulnerability to cause a denial of service application crash with the help of...