Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.9 views

Amazon Linux 2023 : xdg-desktop-portal, xdg-desktop-portal-devel (ALAS2023-2026-1669)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1669 advisory. Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on gfiletrash. CVE-2026-40354 Tenable has extracted t...

6.3CVSS5.8AI score0.00128EPSS
Exploits0References4
Amazon
Amazon
added 2026/05/14 12:0 a.m.15 views

Medium: xdg-desktop-portal

Issue Overview: Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on gfiletrash. CVE-2026-40354 Affected Packages: xdg-desktop-portal Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

6.3CVSS5.8AI score0.00128EPSS
Exploits0
OSV
OSV
added 2026/05/03 9:57 a.m.5 views

OESA-2026-2184 xdg-desktop-portal security update

xdg-desktop-portal works by exposing a series of D-Bus interfaces known as portals under a well-known name org.freedesktop.portal.Desktop and object path /org/freedesktop/portal/desktop. The portal interfaces include APIs for file access, opening URIs, printing and others. Security Fixes: Flatpak...

6.3CVSS5.8AI score0.00128EPSS
Exploits0References2
OSV
OSV
added 2026/05/03 9:57 a.m.4 views

OESA-2026-2183 xdg-desktop-portal security update

xdg-desktop-portal works by exposing a series of D-Bus interfaces known as portals under a well-known name org.freedesktop.portal.Desktop and object path /org/freedesktop/portal/desktop. The portal interfaces include APIs for file access, opening URIs, printing and others. Security Fixes: Flatpak...

6.3CVSS5.8AI score0.00128EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/11 12:29 a.m.4 views

CVE-2026-40354

Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on gfiletrash...

2.9CVSS5.8AI score0.00128EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/11 12:29 a.m.31 views

CVE-2026-40354

Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on gfiletrash...

2.9CVSS0.00128EPSS
Exploits0References4
Rows per page
Query Builder