Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flatpak flatpak vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-10063
Flatpak prior to 1.0.8, 1.1.x and 1.2.x prior to 1.2.4, and 1.3.x prior to 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject c...
Flatpak Flatpak
Flatpak Flatpak 1.3.0
4.4
CVSSv2
CVE-2019-8308
Flatpak prior to 1.0.7, and 1.1.x and 1.2.x prior to 1.2.3, exposes /proc in the apply_extra script sandbox, which allows malicious users to modify a host-side executable file.
Flatpak Flatpak
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.6
7.2
CVSSv2
CVE-2017-9780
In Flatpak prior to 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with those permissions, which would let a local attacker run the setuid executable ...
Flatpak Flatpak
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2017-5226
When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an malicious user to escape the sandbox.
Projectatomic Bubblewrap
3 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2