Nixpkgs Security Tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: haskellPackages.apportionment

Found 13 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2022-28657
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
Apport does not disable python crash handler before entering chroot

Apport does not disable python crash handler before entering chroot

References

Affected products

apport
  • <2.21.0

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2021-3899
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
There is a race condition in the 'replaced executable' detection …

There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root.

References

Affected products

apport
  • <2.21.0

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2022-1242
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
Apport can be tricked into connecting to arbitrary sockets as …

Apport can be tricked into connecting to arbitrary sockets as the root user

References

Affected products

apport
  • <2.21.0

Matching in nixpkgs

Package maintainers