CVE-2021-3709
published 2021-10-01CVE-2021-3709: Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;
Affected
178 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apport_project | apport | >= 0 < 2.20.9-0ubuntu7.26 | 2.20.9-0ubuntu7.26 |
| apport_project | apport | >= 0 < 2.20.11-0ubuntu27.20 | 2.20.11-0ubuntu27.20 |
| apport_project | apport | >= 0 < 2.14.1-0ubuntu3.29+esm8 | 2.14.1-0ubuntu3.29+esm8 |
| apport_project | apport | >= 0 < 2.20.1-0ubuntu2.30+esm2 | 2.20.1-0ubuntu2.30+esm2 |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
| canonical | apport | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
osv5.5MEDIUM