abrt_project abrt CVE 漏洞(4)

CVE 数: 4 CPE versions: View versions table

摘要

本页列出影响 abrt_project abrt 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。

显示 144 CVE 数
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2026-54231 A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory without sanitizing embedded control characters. A local user can inject arbitrary content into the journal output by embedding newline characters in syslog messages, controlling the content that root writes to dump directory files. [email protected] 5.5 0.12% 2026-06-12 2026-06-29
CVE-2026-54230 A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the O_NOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and writes content to the symlink target, allowing arbitrary file overwrites on the system. [email protected] 7.0 0.12% 2026-06-12 2026-06-29
CVE-2011-4088 ABRT might allow attackers to obtain sensitive information from crash reports. [email protected] 7.5 1.62% 2020-01-31 2026-06-16
CVE-2015-1862 The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namedspaced environment. [email protected] 7.0 3.14% 2018-02-09 2026-06-16
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
cvelogic Threat Intelligence