Firejail@* Security Vulnerabilities and Issues — Firejail@* CVE List

Lucene search

Firejail ProjectFirejail*

4 matches found

CVE•added 2017/02/09 6:59 p.m.•51 views

CVE-2017-5940

Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option....

8.8CVSS8.2AI score0.0039EPSS

CVE•added 2017/03/23 4:59 p.m.•48 views

CVE-2017-5206

Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.

9CVSS8.7AI score0.0241EPSS

CVE•added 2017/02/09 6:59 p.m.•45 views

CVE-2017-5180

Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.

8.8CVSS8AI score0.0039EPSS

CVE•added 2017/03/23 4:59 p.m.•36 views

CVE-2017-5207

Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument.

7.8CVSS7.8AI score0.00037EPSS