Skip to main content
CVE-2021-32557 HIGH POC This Week

It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Apport
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2021-34682 LOW POC Monitor

Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Imposto De Renda Da Pessoa Fisica 2021
NVD
CVSS 3.1
3.7
EPSS
0.7%
CVE-2021-31812 MEDIUM PATCH This Month

In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file.0.23 and prior 2.0.x versions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Apache Denial Of Service Pdfbox Fedora Banking Corporate Lending Process Management +4
NVD
CVSS 3.1
5.5
EPSS
3.1%
CVE-2021-31811 MEDIUM PATCH This Month

In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file.0.23 and prior 2.0.x versions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Apache Information Disclosure Pdfbox Fedora Banking Corporate Lending Process Management +9
NVD
CVSS 3.1
5.5
EPSS
3.4%
CVE-2021-32555 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32554 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32553 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux Openjdk
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32552 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32551 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32550 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32549 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32548 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32547 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32556 LOW Monitor

It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Apport
NVD
CVSS 3.1
3.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy