Количество 13
Количество 13
BDU:2024-04882
Уязвимость компонента App инструмента для управления приложениями и средами Flatpak, позволяющая нарушителю оказать воздействие на целостность данных
CVE-2023-28101
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4, if an attacker publishes a Flatpak app with elevated permissions, they can hide those permissions from users of the `flatpak(1)` command-line interface by setting other permissions to crafted values that contain non-printable control characters such as `ESC`. A fix is available in versions 1.10.8, 1.12.8, 1.14.4, and 1.15.4. As a workaround, use a GUI like GNOME Software rather than the command-line interface, or only install apps whose maintainers you trust.
CVE-2023-28101
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4, if an attacker publishes a Flatpak app with elevated permissions, they can hide those permissions from users of the `flatpak(1)` command-line interface by setting other permissions to crafted values that contain non-printable control characters such as `ESC`. A fix is available in versions 1.10.8, 1.12.8, 1.14.4, and 1.15.4. As a workaround, use a GUI like GNOME Software rather than the command-line interface, or only install apps whose maintainers you trust.
CVE-2023-28101
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4, if an attacker publishes a Flatpak app with elevated permissions, they can hide those permissions from users of the `flatpak(1)` command-line interface by setting other permissions to crafted values that contain non-printable control characters such as `ESC`. A fix is available in versions 1.10.8, 1.12.8, 1.14.4, and 1.15.4. As a workaround, use a GUI like GNOME Software rather than the command-line interface, or only install apps whose maintainers you trust.
CVE-2023-28101
Flatpak is a system for building, distributing, and running sandboxed ...
SUSE-SU-2023:1715-1
Security update for flatpak
SUSE-SU-2023:1714-1
Security update for flatpak
SUSE-SU-2023:1713-1
Security update for flatpak
SUSE-SU-2023:1712-1
Security update for flatpak
ROS-20240627-04
Множественные уязвимости flatpak
RLSA-2023:6518
Moderate: flatpak security, bug fix, and enhancement update
ELSA-2023-7038
ELSA-2023-7038: flatpak security, bug fix, and enhancement update (MODERATE)
ELSA-2023-6518
ELSA-2023-6518: flatpak security, bug fix, and enhancement update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-04882 Уязвимость компонента App инструмента для управления приложениями и средами Flatpak, позволяющая нарушителю оказать воздействие на целостность данных | CVSS3: 4.3 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-28101 Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4, if an attacker publishes a Flatpak app with elevated permissions, they can hide those permissions from users of the `flatpak(1)` command-line interface by setting other permissions to crafted values that contain non-printable control characters such as `ESC`. A fix is available in versions 1.10.8, 1.12.8, 1.14.4, and 1.15.4. As a workaround, use a GUI like GNOME Software rather than the command-line interface, or only install apps whose maintainers you trust. | CVSS3: 5 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-28101 Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4, if an attacker publishes a Flatpak app with elevated permissions, they can hide those permissions from users of the `flatpak(1)` command-line interface by setting other permissions to crafted values that contain non-printable control characters such as `ESC`. A fix is available in versions 1.10.8, 1.12.8, 1.14.4, and 1.15.4. As a workaround, use a GUI like GNOME Software rather than the command-line interface, or only install apps whose maintainers you trust. | CVSS3: 6.2 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-28101 Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4, if an attacker publishes a Flatpak app with elevated permissions, they can hide those permissions from users of the `flatpak(1)` command-line interface by setting other permissions to crafted values that contain non-printable control characters such as `ESC`. A fix is available in versions 1.10.8, 1.12.8, 1.14.4, and 1.15.4. As a workaround, use a GUI like GNOME Software rather than the command-line interface, or only install apps whose maintainers you trust. | CVSS3: 5 | 0% Низкий | больше 2 лет назад |
| CVE-2023-28101 Flatpak is a system for building, distributing, and running sandboxed ... | CVSS3: 5 | 0% Низкий | больше 2 лет назад |
 | SUSE-SU-2023:1715-1 Security update for flatpak | около 2 лет назад | ||
| SUSE-SU-2023:1714-1 Security update for flatpak | около 2 лет назад | ||
| SUSE-SU-2023:1713-1 Security update for flatpak | около 2 лет назад | ||
| SUSE-SU-2023:1712-1 Security update for flatpak | около 2 лет назад | ||
 | ROS-20240627-04 Множественные уязвимости flatpak | CVSS3: 6.5 | около 1 года назад | |
 | RLSA-2023:6518 Moderate: flatpak security, bug fix, and enhancement update | около 1 года назад | ||
| ELSA-2023-7038 ELSA-2023-7038: flatpak security, bug fix, and enhancement update (MODERATE) | больше 1 года назад | ||
| ELSA-2023-6518 ELSA-2023-6518: flatpak security, bug fix, and enhancement update (MODERATE) | больше 1 года назад |
Уязвимостей на страницу