Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firejail project firejail vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2019-12499
Firejail prior to 0.9.60 allows truncation (resizing to length 0) of the firejail binary on the host by running exploit code inside a firejail sandbox and having the sandbox terminated. To succeed, certain conditions need to be fulfilled: The jail (with the exploit code inside) n...
Firejail Project Firejail
668
VMScore
CVE-2020-17368
Firejail up to and including 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection.
Firejail Project Firejail
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.2
641
VMScore
CVE-2022-31214
A Privilege Context Switching issue exists in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial ...
Firejail Project Firejail 0.9.68
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 9.0
Debian Debian Linux 10.0
641
VMScore
CVE-2016-10121
Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.
Firejail Project Firejail -
641
VMScore
CVE-2016-10117
Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.
Firejail Project Firejail -
641
VMScore
CVE-2016-10119
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
Firejail Project Firejail -
641
VMScore
CVE-2016-10120
Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.
Firejail Project Firejail -
641
VMScore
CVE-2016-10122
Firejail does not properly clean environment variables, which allows local users to gain privileges.
Firejail Project Firejail -
641
VMScore
CVE-2016-10123
Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges.
Firejail Project Firejail -
641
VMScore
CVE-2017-5207
Firejail prior to 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument.
Firejail Project Firejail
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »