Ubuntu Linux@21.10 Security Vulnerabilities and Issues — Ubuntu Linux@21.10 CVE List

Lucene search

CanonicalUbuntu Linux21.10

11 matches found

CVE•added 2021/06/12 4:15 a.m.•211 views

CVE-2021-32550

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00043EPSS

CVE•added 2021/12/08 12:15 a.m.•161 views

CVE-2021-44420

In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.

7.5CVSS7.1AI score0.00102EPSS

CVE•added 2021/06/12 4:15 a.m.•133 views

CVE-2021-32553

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.0004EPSS

CVE•added 2021/06/12 4:15 a.m.•129 views

CVE-2021-32549

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00047EPSS

CVE•added 2021/06/12 4:15 a.m.•128 views

CVE-2021-32555

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00043EPSS

CVE•added 2021/06/12 4:15 a.m.•127 views

CVE-2021-32554

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00047EPSS

CVE•added 2021/06/12 4:15 a.m.•123 views

CVE-2021-32552

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00043EPSS

CVE•added 2021/06/12 4:15 a.m.•122 views

CVE-2021-32551

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00043EPSS

CVE•added 2021/06/12 4:15 a.m.•121 views

CVE-2021-32548

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00047EPSS

CVE•added 2021/06/12 4:15 a.m.•119 views

CVE-2021-32547

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00047EPSS

CVE•added 2021/11/17 4:15 a.m.•105 views

CVE-2021-3939

Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the user_change_language_authorized_cb function. This is reachable via the SetLanguage dbus function. This is fixe...

7.8CVSS7.3AI score0.00163EPSS