Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 7 : flatpak-1.0.2-5.el7 (AXSA:2019-3881:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3881:02 advisory. flatpak: Sandbox bypass via IOCSTI incomplete fix for CVE-2017-5226 CVE-2019-10063 Tenable has extracted the preceding description block directly fr...

10CVSS7.2AI score0.03169EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.38 views

CentOS 8 : flatpak (CESA-2019:1143)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:1143 advisory. - flatpak: Sandbox bypass via IOCSTI incomplete fix for CVE-2017-5226 CVE-2019-10063 Note that Nessus has not tested for this issue but has instead relied only ...

9CVSS7.1AI score0.01909EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/03/24 12:0 a.m.63 views

Huawei EulerOS: Security Advisory for flatpak (EulerOS-SA-2020-1305)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.1AI score0.01909EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for flatpak (EulerOS-SA-2020-1004)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.1AI score0.01909EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.36 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : flatpak Vulnerability (NS-SA-2019-0084)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has flatpak packages installed that are affected by a vulnerability: - Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by...

9CVSS7.3AI score0.01909EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.34 views

Oracle Linux 8 : flatpak (ELSA-2019-1143)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-1143 advisory. 1.0.6-3 - Fix IOCSTI sandbox bypass 1700653 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

9CVSS7AI score0.01909EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/05/31 12:0 a.m.35 views

Amazon Linux 2 : flatpak (ALAS-2019-1219)

Flatpak allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the controlling terminal so that they would be executed outside the sandbox...

10CVSS7.1AI score0.03169EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/05/15 12:0 a.m.35 views

Oracle Linux 7 : flatpak (ELSA-2019-1024)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-1024 advisory. 1.0.2-5 - Fix IOCSTI sandbox bypass 1700651 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

9CVSS7.1AI score0.01909EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/05/14 12:0 a.m.82 views

CentOS Update for flatpak CESA-2019:1024 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.1AI score0.03169EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/05/14 12:0 a.m.33 views

CentOS 7 : flatpak (CESA-2019:1024)

An update for flatpak is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

10CVSS7.1AI score0.03169EPSS
Exploits1References2
Cent OS
Cent OS
added 2019/05/13 3:8 p.m.171 views

flatpak security update

CentOS Errata and Security Advisory CESA-2019:1024 An update for flatpak is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

10CVSS6.7AI score0.03169EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2019/05/13 5:3 a.m.122 views

Important: Red Hat Security Advisory: flatpak security update

An update for flatpak is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

10CVSS6.7AI score0.03169EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/05/09 12:0 a.m.36 views

Scientific Linux Security Update : flatpak on SL7.x x86_64 (20190508)

Security Fixes : - flatpak: Sandbox bypass via IOCSTI incomplete fix for CVE-2017-5226 CVE-2019-10063 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid124705; scriptversion"1.4";...

10CVSS7AI score0.03169EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2019/05/07 6:18 p.m.76 views

Important: Red Hat Security Advisory: flatpak security update

An update for flatpak is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

10CVSS6.7AI score0.03169EPSS
Exploits1References2
Prion
Prion
added 2019/04/22 10:29 p.m.21 views

Design/Logic Flaw

An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's...

6.8CVSS8.3AI score0.01952EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2019/04/22 9:29 p.m.28 views

Design/Logic Flaw

An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 and 3.32 prior to 3.32.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's controlling terminal, allowing...

4.4CVSS8.3AI score0.01909EPSS
Exploits0References3Affected Software1
ALT Linux
ALT Linux
added 2019/04/07 12:0 a.m.59 views

Security fix for the ALT Linux 10 package flatpak version 1.2.4-alt1

April 7, 2019 Yuri N. Sedunov 1.2.4-alt1 - 1.2.4 fixed CVE-2019-10063...

6.8CVSS7.1AI score0.01909EPSS
Exploits0
OSV
OSV
added 2019/03/26 2:29 p.m.2 views

UBUNTU-CVE-2019-10063

Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the...

9CVSS7.3AI score0.01909EPSS
Exploits0References4
OSV
OSV
added 2019/03/26 2:29 p.m.30 views

CVE-2019-10063

Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the...

9CVSS6.8AI score
Exploits0References3
CVE
CVE
added 2019/03/26 1:40 p.m.152 views

CVE-2019-10063

CVE-2019-10063 affects Flatpak before 1.0.8, 1.1.x before 1.2.4, and 1.3.x before 1.3.1, enabling a sandbox bypass via TIOCSTI in 64‑bit platforms. The prior fix (addressing CVE-2017-5226) used a seccomp filter to block TIOCSTI, but on 64‑bit systems an ioctl with TIOCSTI in the low 32 bits and a...

9CVSS7.3AI score0.01909EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder