It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Information Disclosure
Apport
NVD
CVSS 3.1
7.1
EPSS
0.4%