CVE-2020-15701

Name: CVE-2020-15701
Creator: NVD / NIST
Published: 2020-08-06T23:15:11.67+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.5/10EPSS 0.43%

Last modified Jun 17, 2026

CVE-2020-15701 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. EPSS estimates a 0.43% chance of exploitation in the next 30 days.

Description

An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6.

Metrics

CVSS 3.1

5.5/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

0.43%

34.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Canonical	Apport	2.20.11-0ubuntu8
Canonical	Apport	2.20.11-0ubuntu9
Canonical	Apport	2.20.11-0ubuntu10
Canonical	Apport	2.20.11-0ubuntu11
Canonical	Apport	2.20.11-0ubuntu12
Canonical	Apport	2.20.11-0ubuntu13
Canonical	Apport	2.20.11-0ubuntu14
Canonical	Apport	2.20.11-0ubuntu15
Canonical	Apport	2.20.11-0ubuntu16
Canonical	Apport	2.20.11-0ubuntu17
Canonical	Apport	2.20.11-0ubuntu18
Canonical	Apport	2.20.11-0ubuntu19
Canonical	Apport	2.20.11-0ubuntu20
Canonical	Apport	2.20.11-0ubuntu21
Canonical	Apport	2.20.11-0ubuntu22
Canonical	Apport	2.20.11-0ubuntu23
Canonical	Apport	2.20.11-0ubuntu24
Canonical	Apport	2.20.11-0ubuntu25
Canonical	Apport	2.20.11-0ubuntu26
Canonical	Apport	2.20.11-0ubuntu27
Canonical	Apport	2.20.11-0ubuntu27.2
Canonical	Apport	2.20.11-0ubuntu27.3
Canonical	Apport	2.20.11-0ubuntu27.4
Canonical	Apport	2.20.11-0ubuntu27.5
Canonical	Apport	2.20.7-0ubuntu3
Canonical	Apport	2.20.7-0ubuntu3.1
Canonical	Apport	2.20.7-0ubuntu4
Canonical	Apport	2.20.8-0ubuntu1
Canonical	Apport	2.20.8-0ubuntu2
Canonical	Apport	2.20.8-0ubuntu3
Canonical	Apport	2.20.8-0ubuntu4
Canonical	Apport	2.20.8-0ubuntu5
Canonical	Apport	2.20.8-0ubuntu6
Canonical	Apport	2.20.8-0ubuntu7
Canonical	Apport	2.20.8-0ubuntu8
Canonical	Apport	2.20.8-0ubuntu9
Canonical	Apport	2.20.8-0ubuntu10
Canonical	Apport	2.20.9-0ubuntu1
Canonical	Apport	2.20.9-0ubuntu2
Canonical	Apport	2.20.9-0ubuntu3
Canonical	Apport	2.20.9-0ubuntu4
Canonical	Apport	2.20.9-0ubuntu5
Canonical	Apport	2.20.9-0ubuntu6
Canonical	Apport	2.20.9-0ubuntu7
Canonical	Apport	2.20.9-0ubuntu7.1
Canonical	Apport	2.20.9-0ubuntu7.2
Canonical	Apport	2.20.9-0ubuntu7.3
Canonical	Apport	2.20.9-0ubuntu7.4
Canonical	Apport	2.20.9-0ubuntu7.5
Canonical	Apport	2.20.9-0ubuntu7.6

Showing 50 of 104 affected configurations. See NVD for the full list.

References

https://launchpad.net/bugs/1877023Exploit, Issue Tracking, Third Party Advisory
https://usn.ubuntu.com/4449-1Vendor Advisory
https://usn.ubuntu.com/4449-1/Vendor Advisory
https://usn.ubuntu.com/4449-2/Vendor Advisory
https://launchpad.net/bugs/1877023Exploit, Issue Tracking, Third Party Advisory
https://usn.ubuntu.com/4449-1Vendor Advisory
https://usn.ubuntu.com/4449-1/Vendor Advisory
https://usn.ubuntu.com/4449-2/Vendor Advisory

Timeline

Published: Aug 6, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-15701?

How severe is CVE-2020-15701?

CVE-2020-15701 has a CVSS score of 5.5/10 (MEDIUM severity). The EPSS model estimates a 0.43% probability of exploitation in the next 30 days.

How do I fix CVE-2020-15701?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-15701?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST