CVE-2021-3710

MEDIUM Year: 2021
CVSS v3 Score
5.5
Medium
CVSS v2 Score
4.7
Medium
Weakness Type
CWE-24
View all →

Vulnerability Description

An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;

Related Vulnerabilities

CVE-2023-7041

MEDIUM
CVSS:5.4(Medium)

A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. ...

CWE-242023

CVE-2024-3218

MEDIUM
CVSS:5.4(Medium)

A vulnerability classified as critical has been found in Shibang Communications IP Network Intercom Broadcasting System 1.0. This affects an unknown part of the file /php/busyscreenshotpush.php. The m...

CWE-242024

CVE-2023-4171

MEDIUM
CVSS:5.3(Medium)

A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file \Service\FileDownload.ashx. T...

CWE-242023

CVE-2023-7098

MEDIUM
CVSS:5.3(Medium)

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in icret EasyImages 2.8.3. This vulnerability affects unknown code of the file app/hide.php. The manipulation of the...

CWE-242023

CVE-2024-0465

MEDIUM
CVSS:5.3(Medium)

A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the a...

CWE-242024

CVE-2024-1459

MEDIUM
CVSS:5.3(Medium)

A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which m...

CWE-242024