apport-cli
by Canonical
CVEs (29)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-32557 | Med | 0.34 | 5.2 | 0.00 | Jun 12, 2021 | It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks. | ||
| CVE-2025-5054 | Med | 0.31 | 4.7 | 0.01 | May 30, 2025 | Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a… | ||
| CVE-2019-11482 | Med | 0.27 | 4.2 | 0.00 | Feb 8, 2020 | Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories. | ||
| CVE-2021-32556 | Low | 0.25 | 3.8 | 0.00 | Jun 12, 2021 | It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call. | ||
| CVE-2019-11481 | Low | 0.25 | 3.8 | 0.00 | Feb 8, 2020 | Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences. | ||
| CVE-2019-11485 | Low | 0.21 | 3.3 | 0.00 | Feb 8, 2020 | Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling. | ||
| CVE-2019-15790 | Low | 0.18 | 2.8 | 0.01 | Apr 28, 2020 | Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through get_pid_info() in data/apport. An unprivileged user could exploit this to read… | ||
| CVE-2025-5467 | 0.00 | — | 0.00 | Dec 10, 2025 | It was discovered that process_crash() in data/apport in Canonical's Apport crash reporting tool may create crash files with incorrect group ownership, possibly exposing crash information beyond expected or intended groups. | |||
| CVE-2023-1326 | Hig | 0.00 | 7.7 | 0.01 | Apr 13, 2023 | A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local… |
- risk 0.34cvss 5.2epss 0.00
It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks.
- risk 0.31cvss 4.7epss 0.01
Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a…
- risk 0.27cvss 4.2epss 0.00
Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories.
- risk 0.25cvss 3.8epss 0.00
It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call.
- risk 0.25cvss 3.8epss 0.00
Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.
- risk 0.21cvss 3.3epss 0.00
Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling.
- risk 0.18cvss 2.8epss 0.01
Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through get_pid_info() in data/apport. An unprivileged user could exploit this to read…
- CVE-2025-5467Dec 10, 2025risk 0.00cvss —epss 0.00
It was discovered that process_crash() in data/apport in Canonical's Apport crash reporting tool may create crash files with incorrect group ownership, possibly exposing crash information beyond expected or intended groups.
- risk 0.00cvss 7.7epss 0.01
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local…
Page 2 of 2