CVE-2019-8308

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the applyextra script sandbox, which allows attackers to modify a host-side executable file...

DEBIAN-CVE-2019-8308

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the applyextra script sandbox, which allows attackers to modify a host-side executable file...

CVE-2019-8308

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the applyextra script sandbox, which allows attackers to modify a host-side executable file...

CVE-2019-8308

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the applyextra script sandbox, which allows attackers to modify a host-side executable file...

CVE-2019-8308

CVE-2019-8308 affects Flatpak before 1.0.7 and 1.1.x and 1.2.x before 1.2.3, where the /proc is exposed in the apply_extra sandbox, enabling a local attacker to modify a host-side executable. CVSS v3 base score 8.2 (HIGH) with LOCAL attack vector, LOW privileges required, UI required, and impact ...

Debian: Security Advisory (DSA-4390-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 28 : flatpak (2018-4d68cf2b1c)

flatpak 1.0.6 release. This release fixes an issue that lets system-wide installed applications create setuid root files inside their app dir somewhere in /var/lib/flatpak/app. Setuid support is disabled inside flatpaks, so such files are only a risk if the user runs them manually outside flatpak...