Fedora 42 : flatpak (2026-2a3e305ac4)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2a3e305ac4 advisory. Update to 1.16.6 Fixes for CVE-2026-34078, CVE-2026-34079, GHSA-2fxp-43j9-pwvc and GHSA-89xm-3m96-w3jg Tenable has extracted the preceding descripti...

MiracleLinux 8 : flatpak-1.8.7-1.el8 (AXSA:2022-3593:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3593:03 advisory. flatpak: Permissions granted to applications can be hidden from the user at install time CVE-2021-43860 Tenable has extracted the preceding description block...

MiracleLinux 8 : flatpak-1.6.2-5.el8 (AXSA:2021-1455:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1455:03 advisory. flatpak: sandbox escape via spawn portal CVE-2021-21261 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

MiracleLinux 7 : flatpak-1.0.9-12.el7 (AXSA:2021-2510:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2510:07 advisory. flatpak: Sandbox bypass via recent VFS-manipulating syscalls CVE-2021-41133 Tenable has extracted the preceding description block directly from the...

TencentOS Server 3: krb5 (TSSA-2022:0231)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0231 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

SUSE SLED15 / SLES15 / openSUSE 15 : Recommended update for bubblewrap, flatpak, wayland-protocols (SUSE-SU-SUSE-RU-2025:0145-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-SUSE-RU-2025:0145-1 advisory. This update for bubblewrap, flatpak updates flatpak to 1.16.0. flatpak changes: - Update...

SUSE-RU-2025:0145-1 Recommended update for bubblewrap, flatpak, wayland-protocols

This update for bubblewrap, flatpak updates flatpak to 1.16.0. flatpak changes: - Update to version 1.16.0: + Bug fixes: - Update libglnx to 2024-12-06: . Fix an assertion failure if creating a parent directory encounters a dangling symlink. . Fix a Meson warning. . Don't emit terminal progress...

CVE-2024-42472

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...

Amazon Linux 2 : flatpak (ALAS-2021-1625)

The version of flatpak installed on the remote host is prior to 1.0.9-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1625 advisory. A sandbox escape flaw was found in the way flatpak handled special tokens in .desktop files. This flaw allows an attacker to gain...