CPE-99A14216-0AA6-41EA-B1BF-658E915BB24C Detail

CPE Details

Apport Project Apport 2.20.7

Vendor

apport_project

Product

apport

Version

2.20.7

Created

2019-06-05
12h36 +00:00

Modified

2019-06-05
12h36 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:apport_project:apport:2.20.7:::::::*

Informations

Vendor

apport_project

Product

apport

Version

2.20.7

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2022-28658	2024-06-04 22h03 +00:00	Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing	5.5	Medium
CVE-2022-28657	2024-06-04 22h02 +00:00	Apport does not disable python crash handler before entering chroot	7.8	High
CVE-2022-28656	2024-06-04 21h58 +00:00	is_closing_session() allows users to consume RAM in the Apport process	5.5	Medium
CVE-2022-28655	2024-06-04 21h56 +00:00	is_closing_session() allows users to create arbitrary tcp dbus connections	7.1	High
CVE-2022-28654	2024-06-04 21h54 +00:00	is_closing_session() allows users to fill up apport.log	5.5	Medium
CVE-2022-28652	2024-06-04 21h38 +00:00	~/.config/apport/settings parsing is vulnerable to "billion laughs" attack	5.5	Medium
CVE-2018-6552	2018-05-31 22h00 +00:00	Apport does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers. The is_same_ns() function returns True when /proc// does not exist in order to indicate that the crash should be handled in the global namespace rather than inside of a container. However, the portion of the data/apport code that decides whether or not to forward a crash to a container does not always replace sys.argv[1] with the value stored in the host_pid variable when /proc// does not exist which results in the container pid being used in the global namespace. This flaw affects versions 2.20.8-0ubuntu4 through 2.20.9-0ubuntu7, 2.20.7-0ubuntu3.7, 2.20.7-0ubuntu3.8, 2.20.1-0ubuntu2.15 through 2.20.1-0ubuntu2.17, and 2.14.1-0ubuntu3.28.	7.8	High
CVE-2017-14177	2018-02-02 14h00 +00:00	Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1324.	7.8	High
CVE-2017-14180	2018-02-02 14h00 +00:00	Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges, a different vulnerability than CVE-2017-14179.	7.8	High

Apport Project Apport 2.20.7

CPE Details

CPE Name: cpe:2.3:a:apport_project:apport:2.20.7:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:apport_project:apport:2.20.7:::::::*