34 matches found
Astra Linux - уязвимость в flatpak
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Starting from version 0.9.4 and before version 1.10.2, Flatpak has a vulnerability in its “file forwarding” feature, which can be exploited by attackers to gain access to files that would normally...
EUVD-2021-8687
Malicious code in bioql PyPI...
GLSA-202312-12 : Flatpak: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202312-12 Flatpak: Multiple Vulnerabilities - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In Flatpack since version 0.9.4 and before version 1.10.2 has a vulnerability in th...
SUSE CVE-2021-21381
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In Flatpack since version 0.9.4 and before version 1.10.2 has a vulnerability in the "file forwarding" feature which can be used by an attacker to gain access to files that would not ordinarily be...
SUSE SLES15 Security Update : flatpak (SUSE-SU-2022:2990-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2990-1 advisory. - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the...
NewStart CGSL CORE 5.05 / MAIN 5.05 : flatpak Vulnerability (NS-SA-2022-0043)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has flatpak packages installed that are affected by a vulnerability: - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In Flatpack since version 0.9.4 and before version 1.10...
NewStart CGSL CORE 5.04 / MAIN 5.04 : flatpak Vulnerability (NS-SA-2022-0010)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has flatpak packages installed that are affected by a vulnerability: - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In Flatpack since version 0.9.4 and before version 1.10...
NewStart CGSL MAIN 6.02 : flatpak Vulnerability (NS-SA-2021-0132)
The remote NewStart CGSL host, running version MAIN 6.02, has flatpak packages installed that are affected by a vulnerability: - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In Flatpack since version 0.9.4 and before version 1.10.2 has a...
CentOS: Security Advisory for flatpak (CESA-2021:1002)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
flatpak security update
CentOS Errata and Security Advisory CESA-2021:1002 An update for flatpak is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CentOS 7 : flatpak (RHSA-2021:1002)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1002 advisory. - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In Flatpack since version 0.9.4 and before version 1.10.2...
Ubuntu 18.04 LTS / 20.04 LTS : Flatpak vulnerability (USN-4951-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4951-1 advisory. Anton Lydike discovered that Flatpak did not properly handle special tokens in desktop files. An attacker could use this to specially craft a Flatpak...
CentOS 8 : flatpak (CESA-2021:1068)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1068 advisory. - flatpak: file forwarding feature can be used to gain unprivileged access to files CVE-2021-21381 Note that Nessus has not tested for this issue but has instea...
Oracle Linux 8 : flatpak (ELSA-2021-1068)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1068 advisory. 1.6.2-6 - Fix CVE-2021-21381 1938062 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus ha...
Important: Red Hat Security Advisory: flatpak security update
An update for flatpak is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: Red Hat Security Advisory: flatpak security update
An update for flatpak is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 8 : flatpak (RHSA-2021:1074)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1074 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: file forwarding feature...
Amazon Linux 2 : flatpak (ALAS-2021-1625)
The version of flatpak installed on the remote host is prior to 1.0.9-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1625 advisory. A sandbox escape flaw was found in the way flatpak handled special tokens in .desktop files. This flaw allows an attacker to gain...
flatpak: "file forwarding" feature can be used to gain unprivileged access to files
A sandbox escape flaw was found in the way flatpak handled special tokens in ".desktop" files. This flaw allows an attacker to gain access to files that are not ordinarily allowed by the app's permissions. The highest threat from this vulnerability is to confidentiality and integrity...
Important: Red Hat Security Advisory: flatpak security update
An update for flatpak is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...