CVE-2015-1341

Publication date 27 October 2015

Last updated 25 August 2025

Ubuntu priority

Cvss 3 Severity Score

Description

Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
apport	17.04 zesty	Fixed 2.19.2-0ubuntu1
	16.10 yakkety	Fixed 2.19.2-0ubuntu1
	16.04 LTS xenial	Fixed 2.19.2-0ubuntu1
	15.10 wily	Fixed 2.19.1-0ubuntu4
	15.04 vivid	Fixed 2.17.2-0ubuntu1.7
	14.04 LTS trusty	Fixed 2.14.1-0ubuntu3.18
	12.04 LTS precise	Fixed 2.0.1-0ubuntu17.13

Severity score breakdown

Parameter	Value
Base score	7.8 · High
Attack vector	Local
Attack complexity	Low
Privileges required	Low
User interaction	None
Scope	Unchanged
Confidentiality	High
Integrity impact	High
Availability impact	High
Vector	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2015-1341

Cvss 3 Severity Score

Description

Status

Severity score breakdown

References

Related Ubuntu Security Notices (USN)

Other references

Access our resources on patching vulnerabilities