Download
| Alert*
oval:org.secpod.oval:def:66431
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix: * flatpak: Sandbox bypass via IOCSTI For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pa ... oval:org.secpod.oval:def:502651 Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix: * flatpak: Sandbox bypass via IOCSTI For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pa ... oval:org.secpod.oval:def:205200 Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix: * flatpak: Sandbox bypass via IOCSTI For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pa ... oval:org.secpod.oval:def:1901771 Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the controlli ... oval:org.secpod.oval:def:502704 Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix: * flatpak: Sandbox bypass via IOCSTI For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pa ... oval:org.secpod.oval:def:1502498 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502647 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700176 Flatpak allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the controlling terminal so that they would be executed outside the sandbox afte ... |