Apport

This hub aggregates every CVE we track for Apport, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Apport.

• CVE-2025-5467Ubuntu Apport Insecure File Permissions Vulnerability3.3Dec 10, 2025
• CVE-2025-5054Race Condition in Canonical Apport4.7May 30, 2025
• CVE-2020-11936gdbus setgid privilege escalation3.1Jan 31, 2025
• CVE-2022-28653Users can consume unlimited disk space in /var/crash7.5Jan 31, 2025
• CVE-2022-28658Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing5.5Jun 4, 2024
• CVE-2022-28657Apport does not disable python crash handler before entering chroot7.8Jun 4, 2024
• CVE-2022-28656is_closing_session() allows users to consume RAM in the Apport process5.5Jun 4, 2024
• CVE-2022-28655is_closing_session() allows users to create arbitrary tcp dbus connections7.1Jun 4, 2024
• CVE-2022-28654is_closing_session() allows users to fill up apport.log5.5Jun 4, 2024
• CVE-2022-28652~/.config/apport/settings parsing is vulnerable to "billion laughs" attack5.5Jun 4, 2024
• CVE-2022-1242Apport can be tricked into connecting to arbitrary sockets as the root user7.8Jun 3, 2024
• CVE-2021-3899There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root.7.8Jun 3, 2024
• CVE-2023-1326local privilege escalation in apport-cli7.7Apr 13, 2023
• CVE-2021-3710Apport info disclosure via path traversal bug in read_file6.5Oct 1, 2021
• CVE-2021-3709Apport file permission bypass through emacs byte compilation errors6.5Oct 1, 2021