GCVE - cpe:2.3:a:ubuntu:apport:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:ubuntu:apport:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Ubuntu (`54779f98-997b-58ec-a561-52dfa4086aae`)
Product	Apport (`b506573c-d18b-5369-b699-f73febb79efe`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2019-7307`	vulnerable	2026-06-03 14:40:41.612744	Apport contains a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml MEDIUM (6.5) Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml file, which allows a local attacker to replace this file with a symlink to any other file on the system and so cause Apport to include the contents of this other file in the resulting crash report. The crash report could then be read by that user either by causing it to be uploaded and reported to Launchpad, or by leveraging some other vulnerability to read the resulting crash report, and so allow the user to read arbitrary files on the system. Published: 2019-08-29T14:40:18.750Z Updated: 2024-09-16T23:56:02.156Z Open on db.gcve.eu Reference links https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-7307.html https://bugs.launchpad.net/ubuntu/%2Bsource/apport/%2Bbug/1830858 http://packetstormsecurity.com/files/172858/Ubuntu-Apport-Whoopsie-DoS-Integer-Overflow.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-1341`	vulnerable	2026-06-03 14:34:39.188096	Apport privilege escalation through Python module imports HIGH (7.4) Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path. Published: 2019-04-22T15:35:59.329Z Updated: 2024-09-16T23:45:46.716Z Open on db.gcve.eu Reference links https://launchpad.net/apport/trunk/2.19.2 https://usn.ubuntu.com/2782-1/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.