Lucene search
K

34 matches found

OSV
OSV
added 2026/05/28 12:0 a.m.9 views

ALSA-2026:21756 Important: flatpak security update

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options CVE-2026-34078 flatpak: Flatpak: Arbitrary file deletion on host via improper cache file...

10CVSS7.7AI score0.0168EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2026/05/28 12:0 a.m.19 views

Important: flatpak security update

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options CVE-2026-34078 flatpak: Flatpak: Arbitrary file deletion on host via improper cache file...

10CVSS7.7AI score0.0168EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2026/05/06 12:6 p.m.4 views

Security update for flatpak

This update for flatpak fixes the following issues: CVE-2026-34078: Arbitrary code execution via crafted symlinks in sandbox-expose options bsc1261769. CVE-2026-34079: Arbitrary file deletion on host via improper cache file path validation bsc1261770. Patch Instructions: To install this SUSE upda...

8.2CVSS7.6AI score0.0168EPSS
Exploits0References8
OSV
OSV
added 2026/05/06 12:6 p.m.7 views

SUSE-SU-2026:1713-1 Security update for flatpak

This update for flatpak fixes the following issues: - CVE-2026-34078: Arbitrary code execution via crafted symlinks in sandbox-expose options bsc1261769. - CVE-2026-34079: Arbitrary file deletion on host via improper cache file path validation bsc1261770...

10CVSS6.4AI score0.0168EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2026/04/24 11:46 a.m.6 views

Security update for flatpak

This update for flatpak fixes the following issues: CVE-2026-34078: Arbitrary code execution via crafted symlinks in sandbox-expose options bsc1261769. CVE-2026-34079: Arbitrary file deletion on host via improper cache file path validation bsc1261770. Patch Instructions: To install this SUSE upda...

8.2CVSS8AI score0.0168EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.5 views

SUSE SLES15 Security Update : flatpak (SUSE-SU-2026:1511-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1511-1 advisory. - CVE-2026-34078: Arbitrary code execution via crafted symlinks in sandbox-expose options bsc1261769. - CVE-2026-34079: Arbitrary...

10CVSS8.3AI score0.0168EPSS
Exploits0References7
SUSE Linux
SUSE Linux
added 2026/04/21 6:28 a.m.6 views

Security update for flatpak

This update for flatpak fixes the following issues: CVE-2026-34078: Arbitrary code execution via crafted symlinks in sandbox-expose options bsc1261769. CVE-2026-34079: Arbitrary file deletion on host via improper cache file path validation bsc1261770. Patch Instructions: To install this SUSE upda...

8.2CVSS7.6AI score0.0168EPSS
Exploits0References8
OSV
OSV
added 2026/04/21 6:28 a.m.4 views

SUSE-SU-2026:1511-1 Security update for flatpak

This update for flatpak fixes the following issues: - CVE-2026-34078: Arbitrary code execution via crafted symlinks in sandbox-expose options bsc1261769. - CVE-2026-34079: Arbitrary file deletion on host via improper cache file path validation bsc1261770...

10CVSS6.2AI score0.0168EPSS
Exploits0References5
OSV
OSV
added 2026/04/07 10:16 p.m.2 views

DEBIAN-CVE-2026-34079

Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete arbitrary files on t...

7.5CVSS5.5AI score0.00323EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/11/13 6:55 p.m.4 views

buildah: Buildah allows arbitrary directory mount

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a RUN instruction in a Container file to mount an arbitrary directory from the host read/write into the container as long as those files can...

7.8CVSS7.3AI score0.00392EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/11/08 3:4 p.m.35 views

buildah: Buildah allows arbitrary directory mount

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a RUN instruction in a Container file to mount an arbitrary directory from the host read/write into the container as long as those files can...

7.8CVSS7.3AI score0.00392EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/10/31 1:50 p.m.4 views

buildah: Buildah allows arbitrary directory mount

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a RUN instruction in a Container file to mount an arbitrary directory from the host read/write into the container as long as those files can...

7.8CVSS7.3AI score0.00392EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/10/31 1:18 p.m.5 views

buildah: Buildah allows arbitrary directory mount

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a RUN instruction in a Container file to mount an arbitrary directory from the host read/write into the container as long as those files can...

7.8CVSS7.3AI score0.00392EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/10/11 3:18 a.m.4 views

SUSE CVE-2024-9675

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a RUN instruction in a Container file to mount an arbitrary directory from the host read/write into the container as long as those files can...

4.4CVSS7.7AI score0.00392EPSS
Exploits0References20
Rows per page
Query Builder