Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firejail project firejail vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2022-31214
A Privilege Context Switching issue exists in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial ...
Firejail Project Firejail 0.9.68
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 9.0
Debian Debian Linux 10.0
615
VMScore
CVE-2021-26910
Firejail prior to 0.9.64.4 allows malicious users to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.
Firejail Project Firejail
Debian Debian Linux 9.0
Debian Debian Linux 10.0
3 Github repositories
409
VMScore
CVE-2020-17367
Firejail up to and including 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.
Firejail Project Firejail
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Opensuse Leap 15.2
668
VMScore
CVE-2020-17368
Firejail up to and including 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection.
Firejail Project Firejail
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.2
409
VMScore
CVE-2019-12589
In Firejail prior to 0.9.60, seccomp filters are writable inside the jail, leading to a lack of intended seccomp restrictions for a process that is joined to the jail after a filter has been modified by an attacker.
Firejail Project Firejail
828
VMScore
CVE-2019-12499
Firejail prior to 0.9.60 allows truncation (resizing to length 0) of the firejail binary on the host by running exploit code inside a firejail sandbox and having the sandbox terminated. To succeed, certain conditions need to be fulfilled: The jail (with the exploit code inside) n...
Firejail Project Firejail
641
VMScore
CVE-2016-10123
Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges.
Firejail Project Firejail -
641
VMScore
CVE-2016-10122
Firejail does not properly clean environment variables, which allows local users to gain privileges.
Firejail Project Firejail -
641
VMScore
CVE-2016-10119
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
Firejail Project Firejail -
641
VMScore
CVE-2016-10120
Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.
Firejail Project Firejail -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »