abrt/libreport

abrt/libreport

Releases129

Frequency1 month 5 days

Last Release over 2 years ago

Stars35

Generic library for reporting various problems

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2015-3150 ↗	Jan 14, 2020Tuesday, 14 January 2020, 18:15	7.1 HIGH	7.2 HIGH
abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElement, or (3) DeleteProblem method.
CVE-2015-3151 ↗	Jan 14, 2020Tuesday, 14 January 2020, 18:15	7.8 HIGH	7.2 HIGH
Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method.
CVE-2015-1870 ↗	Jun 26, 2017Monday, 26 June 2017, 15:29	—	2.1 LOW
The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-readable permission on a copy of sosreport file in problem directories, which allows local users to obtain sensitive information from /var/log/messages via unspecified vectors.
CVE-2015-5302 ↗	Dec 7, 2015Monday, 7 December 2015, 18:59	—	5 MEDIUM
libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds, (5) maps, (6) smaps, (7) hostname, (8) remote, (9) ks.cfg, or (10) anaconda-tb file attachment included in a Red Hat Bugzilla bug report.