Download
| Alert*
oval:org.secpod.oval:def:112605
flatpak is a system for building, distributing and running sandboxed desktop applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for more information. oval:org.secpod.oval:def:602968 It was discovered that Flatpak, an application deployment framework for desktop apps insufficiently restricted file permissinons in third-party repositories, which could result in privilege escalation. oval:org.secpod.oval:def:53089 It was discovered that Flatpak, an application deployment framework for desktop apps insufficiently restricted file permissinons in third-party repositories, which could result in privilege escalation. oval:org.secpod.oval:def:1901771 Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the controlli ... |