Important: flatpak security update

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options CVE-2026-34078 flatpak: Flatpak: Arbitrary file deletion on host via improper cache file...

Updated flatpak packages fix security vulnerabilities

Complete sandbox escape leading to host file access and code execution in the host context. CVE-2026-34078 Arbitrary file deletion on the host filesystem. CVE-2026-34079...

SUSE-SU-2026:1713-1 Security update for flatpak

This update for flatpak fixes the following issues: - CVE-2026-34078: Arbitrary code execution via crafted symlinks in sandbox-expose options bsc1261769. - CVE-2026-34079: Arbitrary file deletion on host via improper cache file path validation bsc1261770...

[BSA-131] Security Update for flatpak

Simon McVittie uploaded new packages for flatpak which fixed the following security problems, the same as in DSA 6207-1: CVE-2026-34078, which allowed a Flatpak app to break out of the sandbox, resulting in code execution in the host context CVE-2026-34079, which allowed a Flatpak app to delete...

EUVD-2017-18710

Malware in sbrugna...

EUVD-2019-2124

Malware in sbrugna...

EUVD-2023-31826

Malicious code in bioql PyPI...

[SECURITY] [DLA 4099-1] flatpak security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4099-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk March 31, 2025 https://wiki.debian.org/LTS -...

Linux Distros Unpatched Vulnerability : CVE-2024-42472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.102005)

The version of AHV installed on the remote host is prior to 20230302.102005. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.102005 advisory. - An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overfl...

Important: bubblewrap and flatpak security update

Bubblewrap /usr/bin/bwrap is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces. Security Fixes: flatpak: Access to files outside sandbox for apps using persistent= --persist CVE-2024-42472 For more details about the security issue...

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

CVE-2024-42472 Flatpak may allow access to files outside sandbox for certain apps

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...

CVE-2024-42472

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...

[SECURITY] [DSA 5749-1] flatpak security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5749-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 14, 2024 https://www.debian.org/security/faq -...

MGASA-2024-0229 Updated flatpak packages fix security vulnerability

A malicious or compromised Flatpak app could execute arbitrary code outside its sandbox...

SUSE-SU-2024:1548-1 Security update for flatpak

This update for flatpak fixes the following issues: - CVE-2024-32462: Fixed arbitrary code execution outside sandbox via malicious app due to insufficient 'command' argument sanitization bsc1223110...

SUSE-SU-2024:1547-1 Security update for flatpak

This update for flatpak fixes the following issues: - CVE-2024-32462: Fixed arbitrary code execution outside sandbox via malicious app due to insufficient 'command' argument sanitization bsc1223110...

SUSE-SU-2024:1536-1 Security update for flatpak

This update for flatpak fixes the following issues: - CVE-2024-32462: Fixed arbitrary code execution outside sandbox via malicious app due to insufficient 'command' argument sanitization bsc1223110...