29 matches found
EUVD-2017-15012
Malware in sbrugna...
EUVD-2019-4094
Malware in sbrugna...
EUVD-2020-9322
Malware in sbrugna...
EUVD-2021-13694
Malware in sbrugna...
EUVD-2017-14289
Malware in sbrugna...
EUVD-2016-9838
Malware in sbrugna...
EUVD-2017-14313
Malware in sbrugna...
EUVD-2022-52798
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2019-12499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firejail before 0.9.60 allows truncation resizing to length 0 of the firejail binary on the host by running exploit code inside a firejail sandbox and having th...
Linux Distros Unpatched Vulnerability : CVE-2017-5207
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument. CVE-2017-5207 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2019-12589
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Firejail before 0.9.60, seccomp filters are writable inside the jail, leading to a lack of intended seccomp restrictions for a process that is joined to the...
Linux Distros Unpatched Vulnerability : CVE-2020-17368
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection. CVE-2020-1736...
SUSE CVE-2017-5180
Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option...
SUSE CVE-2017-5207
Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument...
SUSE CVE-2019-12589
In Firejail before 0.9.60, seccomp filters are writable inside the jail, leading to a lack of intended seccomp restrictions for a process that is joined to the jail after a filter has been modified by an attacker...
PT-2022-3307
Name of the Vulnerable Software and Affected Versions Firejail versions 0.9.68 Description A Privilege Context Switching issue was discovered in join.c in Firejail. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can...
Ubuntu 20.04 LTS : Firejail vulnerability (USN-5141-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5141-1 advisory. Roman Fiedler discovered that a race condition existed in Firejail when using OverlayFS to prevent writes to the underlying file system. A local attacker could us...
DEBIAN-CVE-2021-26910
Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation...
DEBIAN-CVE-2020-17367
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection...
CVE-2020-17367
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection...