Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2020/08/28 12:0 a.m.29 views

EulerOS 2.0 SP8 : flatpak (EulerOS-SA-2020-1846)

According to the version of the flatpak packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the applyextra script sandbox, which allows attackers to modify a host-si...

8.2CVSS7.5AI score0.00466EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for flatpak (EulerOS-SA-2019-1134)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS8.2AI score0.00466EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2019/10/08 9:49 a.m.23 views

CVE-2019-8308

A flaw was found in flatpak. In certain special cases, installing flatpak applications and runtimes system-wide may allow an attacker to escape the flatpak sandbox. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.2CVSS2.1AI score0.00466EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/09/03 12:0 a.m.37 views

openSUSE Security Update : flatpak (openSUSE-2019-2038)

This update for flatpak fixes the following issues : Security issues fixed : - CVE-2019-8308: Fixed a potential sandbox escape via /proc bsc1125431. - CVE-2019-11460: Fixed a compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl...

9CVSS6.4AI score0.01952EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2019/09/01 12:0 a.m.38 views

openSUSE: Security Advisory for flatpak (openSUSE-SU-2019:2038-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9CVSS8.1AI score0.01952EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/21 12:0 a.m.30 views

SUSE SLED15 / SLES15 Security Update : flatpak (SUSE-SU-2019:2185-1)

This update for flatpak fixes the following issues : Security issues fixed : CVE-2019-8308: Fixed a potential sandbox escape via /proc bsc1125431. CVE-2019-11460: Fixed a compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl bsc1133043...

9CVSS6.5AI score0.01952EPSS
Exploits0References10
OSV
OSV
added 2019/08/20 3:6 p.m.4 views

SUSE-SU-2019:2185-1 Security update for flatpak

This update for flatpak fixes the following issues: Security issues fixed: - CVE-2019-8308: Fixed a potential sandbox escape via /proc bsc1125431. - CVE-2019-11460: Fixed a compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl bsc1133043...

9CVSS8.4AI score0.01952EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.35 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : flatpak Vulnerability (NS-SA-2019-0056)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has flatpak packages installed that are affected by a vulnerability: - Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the applyextra script sandbox, which allows attackers to modify a host-side...

8.2CVSS7.5AI score0.00466EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/03/29 12:0 a.m.41 views

Amazon Linux 2 : flatpak (ALAS-2019-1183)

Earlier versions of flatpak exposes /proc in the applyextra script sandbox, which allows attackers to modify a host-side executable file.CVE-2019-8308 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux 2 Security Advisory...

8.2CVSS7.5AI score0.00466EPSS
Exploits0References2
Amazon
Amazon
added 2019/03/21 12:0 a.m.51 views

Important: flatpak

Issue Overview: Earlier versions of flatpak exposes /proc in the applyextra script sandbox, which allows attackers to modify a host-side executable file.CVE-2019-8308 Affected Packages: flatpak Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...

8.2CVSS8.3AI score0.00466EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/02/22 12:0 a.m.106 views

Scientific Linux Security Update : flatpak on SL7.x x86_64 (20190221)

Security Fixes : - flatpak: potential /proc based sandbox escape CVE-2019-8308 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid122391; scriptversion"1.5"; scriptsetattributeattribute:"pluginmodificationdate",...

8.2CVSS7.5AI score0.00466EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/02/21 12:0 a.m.22 views

CentOS Update for flatpak CESA-2019:0375 centos7

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.2CVSS8.2AI score0.00466EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/02/21 12:0 a.m.64 views

CentOS 7 : flatpak (CESA-2019:0375)

An update for flatpak is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.2CVSS7.5AI score0.00466EPSS
Exploits0References2
Cent OS
Cent OS
added 2019/02/20 8:15 p.m.217 views

flatpak security update

CentOS Errata and Security Advisory CESA-2019:0375 An update for flatpak is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.2CVSS7.1AI score0.00466EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2019/02/20 12:0 a.m.51 views

Oracle Linux 7 : flatpak (ELSA-2019-0375)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-0375 advisory. 1.0.2-4 - Tweak /proc sandbox patch 1675433 1.0.2-3 - Do not mount /proc in root sandbox 1675433 Tenable has extracted the preceding description block directly...

8.2CVSS7.6AI score0.00466EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/02/20 12:0 a.m.45 views

RHEL 7 : flatpak (RHSA-2019:0375)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0375 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: potential /proc based...

8.2CVSS7.6AI score0.00466EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/02/19 5:57 p.m.105 views

Important: Red Hat Security Advisory: flatpak security update

An update for flatpak is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.2CVSS7.2AI score0.00466EPSS
Exploits0References2
OSV
OSV
added 2019/02/12 11:29 p.m.1 views

DEBIAN-CVE-2019-8308

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the applyextra script sandbox, which allows attackers to modify a host-side executable file...

8.2CVSS8.7AI score0.00466EPSS
Exploits0References1
CVE
CVE
added 2019/02/12 11:0 p.m.202 views

CVE-2019-8308

CVE-2019-8308 affects Flatpak before 1.0.7 and 1.1.x and 1.2.x before 1.2.3, where the /proc is exposed in the apply_extra sandbox, enabling a local attacker to modify a host-side executable. CVSS v3 base score 8.2 (HIGH) with LOCAL attack vector, LOW privileges required, UI required, and impact ...

8.2CVSS7.8AI score0.00466EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2019/02/12 11:0 p.m.20 views

CVE-2019-8308

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the applyextra script sandbox, which allows attackers to modify a host-side executable file...

7.9AI score0.00466EPSS
Exploits0References5
Rows per page
Query Builder