| Max CVSS | 6.1 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-11481 | 6.1 |
Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.
|
12-06-2023 - 07:15 | 08-02-2020 - 05:15 | |
| CVE-2019-11485 | 2.1 |
Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling.
|
01-01-2022 - 19:57 | 08-02-2020 - 05:15 | |
| CVE-2019-11483 | 2.1 |
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user.
|
24-08-2020 - 17:37 | 08-02-2020 - 05:15 | |
| CVE-2019-11482 | 1.9 |
Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories.
|
12-02-2020 - 18:49 | 08-02-2020 - 05:15 |