Debian: >> Reportbug >> 2.61 Security Vulnerabilities
reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compare_versions and reportbug/checkversions.py.
CVSS Score
6.8
EPSS Score
0.007
Published
2014-08-06
reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-02-28
reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-02-28