2 matches found
Fedora 43 : yelp (2026-7c3b91a2bc)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7c3b91a2bc advisory. Yelp 49.1, fixing: Flatpak applications are able to exfiltrate host files due to yelp's CSP being too permissive Tenable has extracted the preceding...
Important: bubblewrap
Issue Overview: A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This flaw allows a local user or attacker to craft a symbolic link that can bypass the intended restrictions, enabling access to and modification of files...