CVSS: 7.0EPSS: 4%CPEs: 1EXPL: 8CVE-2015-1862 – Abrt (Fedora 21) - Race Condition
https://notcve.org/view.php?id=CVE-2015-1862
15 Apr 2015 — The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namedspaced environment. La característica de reporte de cierres inesperados en Abrt permite que usuarios locales obtengan privilegios aprovechando un execve por root tras un chroot en un directorio especificado por el usuario en un entorno de espacio de nombres. Various security issues relating to symlink attacks and race conditions with Abrt and Appo... • https://packetstorm.news/files/id/131423 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2011-4088 – abrt: may leak some personal information to bugzilla with some certain applications
https://notcve.org/view.php?id=CVE-2011-4088
20 Jun 2012 — ABRT might allow attackers to obtain sensitive information from crash reports. ABRT podría permitir a atacantes obtener información confidencial de los reportes de fallos. ABRT is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. The... • http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071027.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •