CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-32555

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.3%

CVSS Severity

CVSS v3 Score 7.3

CVSS v2 Score 2.1

References

https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904

Products affected by CVE-2021-32555

Canonical » Ubuntu Linux » Version: 18.04

cpe:2.3:o:canonical:ubuntu_linux:18.04
Canonical » Ubuntu Linux » Version: 20.04

cpe:2.3:o:canonical:ubuntu_linux:20.04
Canonical » Ubuntu Linux » Version: 20.10

cpe:2.3:o:canonical:ubuntu_linux:20.10
Canonical » Ubuntu Linux » Version: 21.04

cpe:2.3:o:canonical:ubuntu_linux:21.04
Canonical » Ubuntu Linux » Version: 21.10

cpe:2.3:o:canonical:ubuntu_linux:21.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-32555

Products

Pricing

Contact Us