23 matches found
MiracleLinux 8 : flatpak-1.8.7-1.el8 (AXSA:2022-3593:03)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3593:03 advisory. flatpak: Permissions granted to applications can be hidden from the user at install time CVE-2021-43860 Tenable has extracted the preceding description block...
Alibaba Cloud Linux 3 : 0207: flatpak (ALINUX3-SA-2022:0207)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0207 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-43860: Flatpak is a Linux application...
Amazon Linux 2022 : flatpak, flatpak-devel, flatpak-libs (ALAS2022-2022-021)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-021 advisory. An incorrect authorization vulnerability was found in Flatpak. Flatpak does not properly validate that the permissions displayed to the user for an app at install time match the actual...
Amazon Linux 2 : flatpak (ALAS-2024-2518)
The version of flatpak installed on the remote host is prior to 1.0.9-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2518 advisory. Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properl...
Medium: flatpak
Issue Overview: Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the cas...
Rocky Linux 8 : flatpak (RLSA-2022:1792)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1792 advisory. - Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissio...
SUSE: Security Advisory (SUSE-SU-2022:3284-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 8 : flatpak (ELSA-2022-1792)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1792 advisory. 1.8.7-1 - Rebase to 1.8.7 2041972 1.8.6-1 - Rebase to 1.8.6 2010533 1.8.5-6 - Fix CVE-2021-41133 2012869 Tenable has extracted the preceding description block...
AlmaLinux 8 : flatpak (ALSA-2022:1792)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1792 advisory. - Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions...
RHEL 8 : flatpak (RHSA-2022:1792)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1792 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Permissions granted to...
Moderate: Red Hat Security Advisory: flatpak security and bug fix update
An update for flatpak is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
RLSA-2022:1792 Moderate: flatpak security and bug fix update
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Permissions granted to applications can be hidden from the user at install time CVE-2021-43860 For more details about the security issues, including the impact, a CVSS...
CentOS 8 : flatpak (CESA-2022:1792)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:1792 advisory. - flatpak: Permissions granted to applications can be hidden from the user at install time CVE-2021-43860 Note that Nessus has not tested for this issue but has...
Updated flatpak packages fix security vulnerability
Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the case that there's a null byte in the metadata file of an app. CVE-2021-43860 Path traversal vulnerability CVE-2022-21682 Vario...
openSUSE 15 Security Update : flatpak (openSUSE-SU-2022:0712-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0712-1 advisory. - Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly...
openSUSE: Security Advisory for flatpak (openSUSE-SU-2022:0712-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for flatpak (important)
openSUSE Security Update: Security update for flatpak Announcement ID: openSUSE-SU-2022:0712-1 Rating: important References: 1194610 1194611 Cross-References: CVE-2021-43860 CVE-2022-21682 CVSS scores: CVE-2021-43860 NVD : 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2022-21682 NVD : 6.5...
Fedora: Security Advisory for flatpak-builder (FEDORA-2022-8c64cb0992)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Debian: Security Advisory (DSA-5049-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5049-1] flatpak security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5049-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 20, 2022 https://www.debian.org/security/faq -...