canonical apport Vulnerabilities: CVEs, CISA KEV & Security Advisories

Severity and exploitation

How the CVSS severity of canonical apport's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical0

High20

Medium8

Low6

In CISA’s Known Exploited Vulnerabilities catalog

None of canonical apport's CVEs are currently listed in CISA's KEV catalog.

Public exploits

5 of canonical apport's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every canonical apport version named in a CVE, then pick one to see only the CVEs that affect it.

Specific versions

0.0.11 CVE
0.1111 CVE
0.1121 CVE
0.1141 CVE
0.1151 CVE
0.1161 CVE
0.1171 CVE
0.1191 CVE
0.1201 CVE
0.1211 CVE
0.1221 CVE
0.1231 CVE
0.1241 CVE
0.1251 CVE
0.1261 CVE
0.1271 CVE
0.1281 CVE
0.1291 CVE
0.1301 CVE
0.1311 CVE
0.1321 CVE
0.1331 CVE
0.1341 CVE
0.1351 CVE
0.1361 CVE
0.1381 CVE
0.1391 CVE
0.1401 CVE
0.1411 CVE
0.1421 CVE
0.1431 CVE
0.1441 CVE
0.1451 CVE
0.1461 CVE
0.1471 CVE
0.1481 CVE
0.1491 CVE
1.01 CVE
1.0-0ubuntu11 CVE
1.0-0ubuntu21 CVE
1.0-0ubuntu31 CVE
1.0-0ubuntu41 CVE
1.0-0ubuntu51 CVE
1.11 CVE
1.1-0ubuntu11 CVE
1.1.11 CVE
1.1.1-0ubuntu11 CVE
1.1.1-0ubuntu21 CVE
1.101 CVE
1.10.11 CVE
1.111 CVE
1.121 CVE
1.12.11 CVE
1.131 CVE
1.13.11 CVE
1.13.21 CVE
1.13.31 CVE
1.13.41 CVE
1.141 CVE
1.14.11 CVE
1.151 CVE
1.161 CVE
1.171 CVE
1.17.11 CVE
1.17.21 CVE
1.181 CVE
1.191 CVE
1.2.01 CVE
1.2.11 CVE
1.2.1-0ubuntu11 CVE
1.2.1-0ubuntu21 CVE
1.2.1-0ubuntu31 CVE
1.201 CVE
1.20.11 CVE
1.211 CVE
1.21.11 CVE
1.21.21 CVE
1.21.31 CVE
1.221 CVE
1.22.11 CVE
1.231 CVE
1.23.11 CVE
1.241 CVE
1.251 CVE
1.261 CVE
1.31 CVE
1.3-0ubuntu11 CVE
1.3-0ubuntu21 CVE
1.41 CVE
1.4-0ubuntu11 CVE
1.51 CVE
1.5-0ubuntu11 CVE
1.5-0ubuntu21 CVE
1.61 CVE
1.6-0ubuntu11 CVE
1.6-0ubuntu21 CVE
1.6-0ubuntu31 CVE
1.71 CVE
1.7-0ubuntu11 CVE
1.7-0ubuntu21 CVE
1.7-0ubuntu31 CVE
1.7-0ubuntu41 CVE
1.81 CVE
1.8-0ubuntu11 CVE
1.8-0ubuntu21 CVE
1.8.11 CVE
1.8.1-0ubuntu11 CVE
1.8.21 CVE
1.8.2-0ubuntu11 CVE
1.91 CVE
1.9-0ubuntu11 CVE
1.9-0ubuntu21 CVE
1.9-0ubuntu31 CVE
1.9-0ubuntu51 CVE
1.9-0ubuntu61 CVE
1.9.11 CVE
1.9.1-0ubuntu11 CVE
1.9.1-0ubuntu21 CVE
1.9.1-0ubuntu31 CVE
1.9.21 CVE
1.9.2-0ubuntu11 CVE
1.9.2-0ubuntu21 CVE
1.9.31 CVE
1.9.3-0ubuntu11 CVE
1.9.3-0ubuntu21 CVE
1.9.3-0ubuntu31 CVE
1.9.3-0ubuntu41 CVE
1.9.41 CVE
1.9.4-0ubuntu11 CVE
1.9.51 CVE
1.9.61 CVE
1.901 CVE
1.911 CVE
1.921 CVE
1.931 CVE
1.941 CVE
1.94.11 CVE
1.951 CVE
2.01 CVE
2.0.11 CVE
2.11 CVE
2.1.11 CVE
2.101 CVE
2.10.11 CVE
2.10.21 CVE
2.111 CVE
2.121 CVE
2.12.11 CVE
2.12.21 CVE
2.12.31 CVE
2.12.41 CVE
2.12.51 CVE
2.12.61 CVE
2.12.71 CVE
2.131 CVE
2.13.11 CVE
2.13.21 CVE
2.13.31 CVE
2.141 CVE
2.14.11 CVE
2.14.21 CVE
2.14.31 CVE
2.14.41 CVE
2.14.51 CVE
2.14.61 CVE
2.14.71 CVE
2.151 CVE
2.15.11 CVE
2.161 CVE
2.16.11 CVE
2.16.21 CVE
2.171 CVE
2.17.11 CVE
2.17.21 CVE
2.17.31 CVE
2.181 CVE
2.18.11 CVE
2.191 CVE
2.19.11 CVE
2.19.21 CVE
2.19.31 CVE
2.19.41 CVE
2.21 CVE
2.2.11 CVE
2.2.21 CVE
2.2.31 CVE
2.2.41 CVE
2.2.51 CVE
2.201 CVE
2.20.11 CVE
2.20.101 CVE
2.20.111 CVE
2.20.21 CVE
2.20.31 CVE
2.20.41 CVE
2.20.51 CVE
2.20.61 CVE
2.20.71 CVE
2.20.81 CVE
2.20.91 CVE
2.21.01 CVE
2.22.01 CVE
2.23.01 CVE
2.23.11 CVE
2.24.01 CVE
2.25.01 CVE
2.26.01 CVE
2.31 CVE
2.41 CVE
2.51 CVE
2.5.11 CVE
2.5.21 CVE
2.5.31 CVE
2.61 CVE
2.6.11 CVE
2.6.21 CVE
2.6.31 CVE
2.71 CVE
2.81 CVE
2.91 CVE
2.9.11 CVE
2.9.21 CVE

Fixed in

2.14.1-0ubuntu3.29+esm711 CVEs
2.20.1-0ubuntu2.30+esm111 CVEs
2.20.11-0ubuntu27.1811 CVEs
2.20.11-0ubuntu50.711 CVEs
2.20.11-0ubuntu65.111 CVEs
2.20.9-0ubuntu7.2411 CVEs
2.14.1-0ubuntu3.29+esm24 CVEs
2.20.1-0ubuntu2.204 CVEs
2.20.1-0ubuntu2.304 CVEs
2.20.11-0ubuntu8.14 CVEs
2.20.9-0ubuntu7.84 CVEs
2.21.04 CVEs
2.20.11-0ubuntu27.16

Find a version

34 CVEs

Sort

Ubuntu Apport Insecure File Permissions Vulnerability
CVE-2025-5467
Public exploit
Patch
CWE-708
Low · CVSS 1.9
EPSS 0.0% (5th pct)2025-12-10
Race Condition in Canonical Apport
CVE-2025-5054
Public exploit
Patch
CWE-362
Medium · CVSS 4.7
EPSS 0.0% (9th pct)2025-05-30
Low vulnerability · 2025-01-31
CVE-2020-11936
Public exploit
Patch
Low · CVSS 3.1
EPSS 0.2% (37th pct)2025-01-31
High vulnerability · 2025-01-31
CVE-2022-28653
Patch
High · CVSS 7.5
EPSS 0.2% (41th pct)2025-01-31
High vulnerability · 2024-06-04
CVE-2022-28657
Patch
CWE-400
High · CVSS 7.8
EPSS 0.1% (16th pct)2024-06-04
High vulnerability · 2024-06-03
CVE-2022-1242
Patch
CWE-20
High · CVSS 7.8
EPSS 0.1% (21th pct)2024-06-03
High vulnerability · 2024-06-03
CVE-2021-3899
Patch
CWE-367
High · CVSS 7.8
EPSS 2.2% (85th pct)2024-06-03
High vulnerability · 2023-04-13
CVE-2023-1326
Patch
CWE-269
High · CVSS 7.7
EPSS 5.0% (90th pct)2023-04-13
Apport info disclosure via path traversal bug in read_file
CVE-2021-3710
Patch
CWE-24
Medium · CVSS 6.5
EPSS 0.0% (16th pct)2021-10-01
Apport file permission bypass through emacs byte compilation errors
CVE-2021-3709
Patch
CWE-538
Medium · CVSS 6.5
EPSS 0.1% (22th pct)2021-10-01
Medium vulnerability · 2021-06-12
CVE-2021-32557
Patch
CWE-59
Medium · CVSS 5.2
EPSS 0.1% (18th pct)2021-06-12
apport get_modified_conffiles() function command injection
CVE-2021-32556
Patch
CWE-78
Low · CVSS 3.8
EPSS 0.1% (26th pct)2021-06-12
High vulnerability · 2021-06-12
CVE-2021-32555
Patch
CWE-59
High · CVSS 7.3
EPSS 0.1% (18th pct)2021-06-12
High vulnerability · 2021-06-12
CVE-2021-32554
Patch
CWE-59
High · CVSS 7.3
EPSS 0.1% (19th pct)2021-06-12
High vulnerability · 2021-06-12
CVE-2021-32553
Patch
CWE-59
High · CVSS 7.3
EPSS 0.0% (15th pct)2021-06-12
High vulnerability · 2021-06-12
CVE-2021-32552
Patch
CWE-61
High · CVSS 7.3
EPSS 0.1% (18th pct)2021-06-12
apport read_file() function could follow maliciously constructed symbolic links
CVE-2021-32551
Patch
CWE-59
High · CVSS 7.3
EPSS 0.1% (18th pct)2021-06-12
High vulnerability · 2021-06-12
CVE-2021-32550
Patch
CWE-59
High · CVSS 7.3
EPSS 0.1% (18th pct)2021-06-12
High vulnerability · 2021-06-12
CVE-2021-32549
Patch
CWE-59
High · CVSS 7.3
EPSS 0.1% (19th pct)2021-06-12
High vulnerability · 2021-06-12
CVE-2021-32548
Patch
CWE-59
High · CVSS 7.3
EPSS 0.1% (19th pct)2021-06-12
High vulnerability · 2021-06-12
CVE-2021-32547
Patch
CWE-61
High · CVSS 7.3
EPSS 0.1% (19th pct)2021-06-12
apport can be stalled by reading a FIFO
CVE-2021-25684
Patch
CWE-20
High · CVSS 8.8
EPSS 0.0% (14th pct)2021-06-11
High vulnerability · 2021-06-11
CVE-2021-25683
Patch
CWE-20
High · CVSS 8.8
EPSS 0.0% (15th pct)2021-06-11
High vulnerability · 2021-06-11
CVE-2021-25682
Patch
CWE-20
High · CVSS 8.8
EPSS 0.1% (30th pct)2021-06-11
TOCTOU in apport
CVE-2020-15702
Patch
CWE-367
High · CVSS 7.0
EPSS 0.0% (14th pct)2020-08-06
Medium vulnerability · 2020-08-06
CVE-2020-15701
Patch
CWE-755
Medium · CVSS 5.5
EPSS 0.1% (30th pct)2020-08-06
Apport reads PID files with elevated privileges
CVE-2019-15790
Public exploit
Patch
CWE-250
Low · CVSS 2.8
EPSS 0.1% (20th pct)2020-04-27
Apport race condition in crash report permissions
CVE-2020-8833
Patch
CWE-367
Medium · CVSS 5.6
EPSS 0.0% (12th pct)2020-04-22
World writable root owned lock file created in user controllable location
CVE-2020-8831
Patch
CWE-379
Medium · CVSS 6.5
EPSS 0.1% (26th pct)2020-04-22
apport created lock file in wrong directory
CVE-2019-11485
Patch
CWE-412
Low · CVSS 3.3
EPSS 0.1% (26th pct)2020-02-08

Showing 30 of 34

Severity and exploitation

canonical apport Vulnerabilities

Overview

Severity and exploitation

Affected versions and CVEs

Specific versions

Fixed in

Common weakness types

Disclosure activity by year

Other canonical products

Frequently asked questions

How many CVEs does canonical apport have?

How many canonical apport CVEs are in CISA KEV?

Are there public exploits for canonical apport vulnerabilities?

Which versions of canonical apport are affected?

What are the most common weakness types in canonical apport CVEs?

What is the average severity of canonical apport CVEs?

References

Track canonical apport vulnerabilities