Firejail up to and including 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
firejail project firejail |
||
debian debian linux 10.0 |
||
fedoraproject fedora 31 |
||
fedoraproject fedora 32 |
||
debian debian linux 9.0 |
||
opensuse leap 15.2 |