CVE-2019-8308

Опубликовано: 12 фев. 2019

Источник: ubuntu

Приоритет: medium

CVSS2: 4.4

CVSS3: 8.2

Описание

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.

Релиз	Статус	Примечание
bionic	released	1.0.7-0ubuntu0.18.04.1
cosmic	released	1.0.7-0ubuntu0.18.10.1
devel	not-affected	1.2.3-1
esm-apps/bionic	released	1.0.7-0ubuntu0.18.04.1
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	1.2.3-1
xenial	DNE

Показывать по

Ссылки на источники

4.4 Medium

CVSS2

8.2 High

CVSS3

Связанные уязвимости

CVE-2019-8308

CVSS3: 7.7

redhat

больше 6 лет назад

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.

CVE-2019-8308

CVSS3: 8.2

nvd

больше 6 лет назад

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.

CVE-2019-8308

CVSS3: 8.2

debian

больше 6 лет назад

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc ...

GHSA-26wh-22xw-qfqx

CVSS3: 8.2

github

больше 3 лет назад

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.

ELSA-2019-0375

oracle-oval

больше 6 лет назад

ELSA-2019-0375: flatpak security update (IMPORTANT)

4.4 Medium

CVSS2

8.2 High

CVSS3

CVE-2019-8308

Описание

Пакет flatpak

Ссылки на источники

Связанные уязвимости