Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firejail vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2017-5207
Firejail prior to 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument.
Firejail Project Firejail
641
VMScore
CVE-2016-10122
Firejail does not properly clean environment variables, which allows local users to gain privileges.
Firejail Project Firejail -
641
VMScore
CVE-2016-9016
Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
Firejail Project Firejail 0.9.38.4
615
VMScore
CVE-2021-26910
Firejail prior to 0.9.64.4 allows malicious users to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.
Firejail Project Firejail
Debian Debian Linux 9.0
Debian Debian Linux 10.0
3 Github repositories
605
VMScore
CVE-2017-5206
Firejail prior to 0.9.44.4, when running on a Linux kernel prior to 4.8, allows context-dependent malicious users to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.
Firejail Project Firejail
668
VMScore
CVE-2020-17368
Firejail up to and including 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection.
Firejail Project Firejail
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.2
409
VMScore
CVE-2020-17367
Firejail up to and including 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.
Firejail Project Firejail
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Opensuse Leap 15.2
641
VMScore
CVE-2022-31214
A Privilege Context Switching issue exists in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial ...
Firejail Project Firejail 0.9.68
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 9.0
Debian Debian Linux 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2