Lucene search
K

11 matches found

OSV
OSV
added 2026/05/26 9:51 a.m.6 views

OPENSUSE-SU-2026:20811-1 Security update for bubblewrap

This update for bubblewrap fixes the following issue - CVE-2026-41163: improper process attachment via ptrace can lead to arbitrary privileged operations and local root escalation bsc1263113...

8.7CVSS5.9AI score0.00274EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 7 : flatpak-1.0.9-13.0.1.el7.AXS7 (AXSA:2024-8901:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8901:07 advisory. CVE-2024-42472: access to files outside sandbox for apps using persistent directories CVEs: CVE-2024-42472 Flatpak is a Linux application sandboxing and...

10CVSS7.8AI score0.01283EPSS
Exploits1References2
OSV
OSV
added 2025/11/19 2:16 a.m.3 views

MGASA-2025-0303 Updated flatpak & bubblewrap packages fix security vulnerability

Flatpak may allow access to files outside sandbox for certain apps. CVE-2024-42472...

10CVSS6.9AI score0.01283EPSS
Exploits1References3
Mageia
Mageia
added 2025/11/19 2:16 a.m.14 views

Updated flatpak & bubblewrap packages fix security vulnerability

Flatpak may allow access to files outside sandbox for certain apps. CVE-2024-42472...

10CVSS7.1AI score0.01283EPSS
Exploits1References2
Rosalinux
Rosalinux
added 2025/04/11 10:8 p.m.13 views

Advisory ROSA-SA-2025-2837

Software: bubblewrap 0.4.0 OS: ROSA Virtualization 2.1 packageevrstring: bubblewrap-0.4.0-2.rv3 CVE-ID: CVE-2024-42472 BDU-ID: 2024-06671 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Flatpak application and environment management tool is related to improper neutralization of special output...

10CVSS9.5AI score0.01283EPSS
Exploits1
Debian
Debian
added 2025/03/31 11:13 a.m.9 views

[SECURITY] [DLA 4099-1] flatpak security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4099-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk March 31, 2025 https://wiki.debian.org/LTS -...

10CVSS9.6AI score0.01283EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/01/17 12:0 a.m.4 views

SUSE SLED15: bubblewrap / bubblewrap-zsh-completion / flatpak / flatpak-devel / etc (SUSE-SU-SUSE-RU-2025:0145-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-SUSE-RU-2025:0145-1 advisory. This update for bubblewrap, flatpak updates flatpak to 1.16.0. flatpak changes: - Update...

10CVSS7.1AI score0.01283EPSS
Exploits2References8
OSV
OSV
added 2025/01/16 2:27 p.m.7 views

SUSE-RU-2025:0145-1 Recommended update for bubblewrap, flatpak, wayland-protocols

This update for bubblewrap, flatpak updates flatpak to 1.16.0. flatpak changes: - Update to version 1.16.0: + Bug fixes: - Update libglnx to 2024-12-06: . Fix an assertion failure if creating a parent directory encounters a dangling symlink. . Fix a Meson warning. . Don't emit terminal progress...

10CVSS9.1AI score0.01283EPSS
Exploits2References6
Amazon
Amazon
added 2024/10/14 12:0 a.m.4 views

Important: bubblewrap

Issue Overview: A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This flaw allows a local user or attacker to craft a symbolic link that can bypass the intended restrictions, enabling access to and modification of files...

10CVSS7.2AI score0.01283EPSS
Exploits1
OSV
OSV
added 2019/06/10 9:32 a.m.3 views

OPENSUSE-SU-2019:1535-1 Security update for bubblewrap

This update for bubblewrap to version 0.3.3 fixes the following issue: Security issue fixed: - CVE-2019-12439: Fixed a temporary directory misuse as mount point which could have allowed local user to prevent others from running bubblewrap...

7.8CVSS7.6AI score0.00494EPSS
Exploits0References3
Fedora
Fedora
added 2019/05/04 12:17 a.m.14 views

[SECURITY] Fedora 30 Update: bubblewrap-0.3.3-2.fc30

Bubblewrap /usr/bin/bwrap is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces...

4.7AI score
Exploits0
Rows per page
Query Builder