CVE-2021-3710 · CVEKit

cve.orgen

371 chars

An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;

NVDen

371 chars

An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;

NVDes

437 chars

Se ha detectado una divulgación de información por medio de un salto de ruta en la función read_file() del archivo apport/hookutils.py. Este problema afecta a: las versiones de apport 2.14.1 anteriores a 2.14.1-0ubuntu3.29+esm8; versiones 2.20.1 anteriores a 2.20.1-0ubuntu2.30+esm2; versiones 2.20.9 anteriores a 2.20.9-0ubuntu7.26; versiones 2.20.11 anteriores a 2.20.11-0ubuntu27.20; versiones 2.20.11 anteriores a 2.20.11-0ubuntu65.3

CVSS metrics across sources

5

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.7	3.4	6.9	AV:L/AC:M/Au:N/C:C/I:N/A:N
3.1	Primary	cve.org	6.5	—	—	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N