Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firejail project firejail vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-5940
Firejail prior to 0.9.44.6 and 0.9.38.x LTS prior to 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink an...
Firejail Project Firejail
7.8
CVSSv3
CVE-2016-10120
Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.
Firejail Project Firejail -
7.8
CVSSv3
CVE-2016-10121
Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.
Firejail Project Firejail -
7.8
CVSSv3
CVE-2016-10117
Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.
Firejail Project Firejail -
7.8
CVSSv3
CVE-2016-10122
Firejail does not properly clean environment variables, which allows local users to gain privileges.
Firejail Project Firejail -
9
CVSSv3
CVE-2017-5206
Firejail prior to 0.9.44.4, when running on a Linux kernel prior to 4.8, allows context-dependent malicious users to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.
Firejail Project Firejail
7.8
CVSSv3
CVE-2017-5207
Firejail prior to 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument.
Firejail Project Firejail
8.1
CVSSv3
CVE-2019-12499
Firejail prior to 0.9.60 allows truncation (resizing to length 0) of the firejail binary on the host by running exploit code inside a firejail sandbox and having the sandbox terminated. To succeed, certain conditions need to be fulfilled: The jail (with the exploit code inside) n...
Firejail Project Firejail
3.3
CVSSv3
CVE-2016-10118
Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.
Firejail Project Firejail -
7.8
CVSSv3
CVE-2016-10119
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
Firejail Project Firejail -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »