VYPR

rpm package

opensuse/flatpak-builder&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/flatpak-builder&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2026-39977MedApr 9, 2026
    affected < 1.4.8-1.1fixed 1.4.8-1.1

    flatpak-builder is a tool to build flatpaks from source. From 1.4.5 to before 1.4.8, the license-files manifest key takes an array of paths to user defined licence files relative to the source directory of the module. The paths from that array are resolved using g_file_resolve_re

  • CVE-2022-21682Jan 13, 2022
    affected < 1.2.2-1.1fixed 1.2.2-1.1

    Flatpak is a Linux application sandboxing and distribution framework. A path traversal vulnerability affects versions of Flatpak prior to 1.12.3 and 1.10.6. flatpak-builder applies `finish-args` last in the build. At this point the build directory will have the full access that i