Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2021-103405
HistoryOct 11, 2021 - 12:00 a.m.

Flatpak input validation error vulnerability

2021-10-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
13

0.0005 Low

EPSS

Percentile

17.1%

Flatpak is a suite of application virtualization systems for Linux desktop application computing environments. versions prior to Flatpak 1.12.0 and 1.10.4 contain an input validation error vulnerability that stems from direct access to AF_UNIX sockets (such as those used by Wayland, Pipewire or Pipewire pulse ) of the Flatpak application can trick portals and other host OS services into treating the Flatpak application as a normal, non-sandboxed host OS process. No detailed vulnerability details are currently available.