CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-32553

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.4%

CVSS Severity

CVSS v3 Score 7.3

CVSS v2 Score 2.1

References

https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904

Products affected by CVE-2021-32553

Oracle » Openjdk » Version: 17

cpe:2.3:a:oracle:openjdk:17
Canonical » Ubuntu Linux » Version: 18.04

cpe:2.3:o:canonical:ubuntu_linux:18.04
Canonical » Ubuntu Linux » Version: 20.04

cpe:2.3:o:canonical:ubuntu_linux:20.04
Canonical » Ubuntu Linux » Version: 20.10

cpe:2.3:o:canonical:ubuntu_linux:20.10
Canonical » Ubuntu Linux » Version: 21.04

cpe:2.3:o:canonical:ubuntu_linux:21.04
Canonical » Ubuntu Linux » Version: 21.10

cpe:2.3:o:canonical:ubuntu_linux:21.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-32553

Products

Pricing

Contact Us