CVE-2019-8308

Опубликовано: 12 фев. 2019

Источник: debian

Описание

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
flatpak	fixed	1.2.3-1		package

Связанные уязвимости

CVE-2019-8308

CVSS3: 8.2

ubuntu

почти 7 лет назад

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.

CVE-2019-8308

CVSS3: 7.7

redhat

почти 7 лет назад

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.

CVE-2019-8308

CVSS3: 8.2

nvd

почти 7 лет назад

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.

GHSA-26wh-22xw-qfqx

CVSS3: 8.2

github

больше 3 лет назад

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.

ELSA-2019-0375

oracle-oval

почти 7 лет назад

ELSA-2019-0375: flatpak security update (IMPORTANT)