Filtered by vendor Apport Project
Subscriptions
Filtered by product Apport
Subscriptions
Total
24 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-28652 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2024-08-05 | 5.5 Medium |
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack | ||||
CVE-2017-10708 | 1 Apport Project | 1 Apport | 2024-08-05 | N/A |
An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific hooks without protecting against path traversal. This allows remote attackers to execute arbitrary code via a crafted .crash file. | ||||
CVE-2022-28656 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2024-08-05 | 5.5 Medium |
is_closing_session() allows users to consume RAM in the Apport process | ||||
CVE-2022-28657 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2024-08-03 | 7.8 High |
Apport does not disable python crash handler before entering chroot |