Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

11 – 13 of 13 results

CVE-2019-8308

Medium priority
Fixed

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.

1 affected packages

flatpak

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
flatpak Fixed Not in release
Show less packages

CVE-2018-6560

Unknown priority
Ignored

In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to...

1 affected packages

flatpak

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
flatpak Not affected Not in release
Show less packages

CVE-2017-9780

Medium priority
Ignored

In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with those permissions, which would...

1 affected packages

flatpak

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
flatpak Not affected Not in release
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. Next page
Export to JSON