Unrated severityOSV Advisory· Published Feb 12, 2019· Updated Aug 4, 2024
CVE-2019-8308
CVE-2019-8308
Description
Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords2 versionspkg:rpm/opensuse/flatpak&distro=openSUSE%20Leap%2015.0pkg:rpm/suse/flatpak&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015
< 0.10.4-lp150.8.1+ 1 more
- (no CPE)range: < 0.10.4-lp150.8.1
- (no CPE)range: < 0.10.4-4.10.1
Patches
Vulnerability mechanics
References
5- lists.opensuse.org/opensuse-security-announce/2019-08/msg00088.htmlmitrevendor-advisoryx_refsource_SUSE
- access.redhat.com/errata/RHSA-2019:0375mitrevendor-advisoryx_refsource_REDHAT
- bugs.debian.org/cgi-bin/bugreport.cgimitrex_refsource_MISC
- github.com/flatpak/flatpak/releases/tag/1.0.7mitrex_refsource_MISC
- github.com/flatpak/flatpak/releases/tag/1.2.3mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.