Filtered by vendor Apport Project Subscriptions
Total 24 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-28652 2 Apport Project, Canonical 2 Apport, Ubuntu Linux 2024-08-05 5.5 Medium
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack
CVE-2017-10708 1 Apport Project 1 Apport 2024-08-05 N/A
An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific hooks without protecting against path traversal. This allows remote attackers to execute arbitrary code via a crafted .crash file.
CVE-2022-28656 2 Apport Project, Canonical 2 Apport, Ubuntu Linux 2024-08-05 5.5 Medium
is_closing_session() allows users to consume RAM in the Apport process
CVE-2022-28657 2 Apport Project, Canonical 2 Apport, Ubuntu Linux 2024-08-03 7.8 High
Apport does not disable python crash handler before entering chroot