Canonical Apport 2.20.9-0ubuntu4
Approved changes feed: RSS · Atom
cpe:2.3:a:canonical:apport:2.20.9-0ubuntu4:*:*:*:*:*:*:*
part: a version: 2.20.9-0ubuntu4 update: *
| Vendor | Canonical (bedcba35-8c3d-5a60-8532-2ba876a6ec88) |
|---|---|
| Product | Apport (ca13502d-4e4d-5b64-b6ae-0356fae7fbc1) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/ubuntu/apport |
purl2cpe | 2026-06-01 10:12:43.458029 |
pkg:github/rickysarraf-notmine/apport |
purl2cpe | 2026-06-01 10:12:43.458030 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-3710 |
vulnerable | 2026-06-03 14:45:12.562287 |
Apport info disclosure via path traversal bug in read_file
MEDIUM (6.5)
An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;
Published: 2021-10-01T02:35:22.911Z
Updated: 2024-09-17T01:41:25.529Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3709 |
vulnerable | 2026-06-03 14:45:12.484949 |
Apport file permission bypass through emacs byte compilation errors
MEDIUM (6.5)
Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;
Published: 2021-10-01T02:35:21.228Z
Updated: 2024-09-16T23:31:13.094Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-15702 |
vulnerable | 2026-06-03 14:41:46.268480 |
TOCTOU in apport
HIGH (7)
TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to escalate privileges. Fixed in 2.20.1-0ubuntu2.24, 2.20.9 versions prior to 2.20.9-0ubuntu7.16 and 2.20.11 versions prior to 2.20.11-0ubuntu27.6. Was ZDI-CAN-11234.
Published: 2020-08-06T22:50:22.871Z
Updated: 2025-11-03T19:25:30.971Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-15701 |
vulnerable | 2026-06-03 14:41:46.236338 |
Unhandled exception in apport
MEDIUM (5.5)
An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6.
Published: 2020-08-06T22:50:22.407Z
Updated: 2024-09-16T20:52:16.329Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-11936 |
vulnerable | 2026-06-03 14:41:32.410107 |
Details available
LOW (3.1)
gdbus setgid privilege escalation
Published: 2025-01-31T01:18:21.509Z
Updated: 2025-02-07T16:08:28.466Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.