rpm package
opensuse/flatpak-builder&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/flatpak-builder&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-39977 | Med | 6.3 | < 1.4.8-1.1 | 1.4.8-1.1 | Apr 9, 2026 | flatpak-builder is a tool to build flatpaks from source. From 1.4.5 to before 1.4.8, the license-files manifest key takes an array of paths to user defined licence files relative to the source directory of the module. The paths from that array are resolved using g_file_resolve_re | |
| CVE-2022-21682 | — | < 1.2.2-1.1 | 1.2.2-1.1 | Jan 13, 2022 | Flatpak is a Linux application sandboxing and distribution framework. A path traversal vulnerability affects versions of Flatpak prior to 1.12.3 and 1.10.6. flatpak-builder applies `finish-args` last in the build. At this point the build directory will have the full access that i |
- affected < 1.4.8-1.1fixed 1.4.8-1.1
flatpak-builder is a tool to build flatpaks from source. From 1.4.5 to before 1.4.8, the license-files manifest key takes an array of paths to user defined licence files relative to the source directory of the module. The paths from that array are resolved using g_file_resolve_re
- CVE-2022-21682Jan 13, 2022affected < 1.2.2-1.1fixed 1.2.2-1.1
Flatpak is a Linux application sandboxing and distribution framework. A path traversal vulnerability affects versions of Flatpak prior to 1.12.3 and 1.10.6. flatpak-builder applies `finish-args` last in the build. At this point the build directory will have the full access that i