rpm package
suse/flatpak&distro=SUSE Linux Enterprise Module for Desktop Applications 15
pkg:rpm/suse/flatpak&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-11461 | — | < 0.10.4-4.10.1 | 0.10.4-4.10.1 | Apr 22, 2019 | An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 and 3.32 prior to 3.32.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's controlling t | ||
| CVE-2019-11460 | — | < 0.10.4-4.10.1 | 0.10.4-4.10.1 | Apr 22, 2019 | An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the t | ||
| CVE-2019-8308 | — | < 0.10.4-4.10.1 | 0.10.4-4.10.1 | Feb 12, 2019 | Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file. |
- CVE-2019-11461Apr 22, 2019affected < 0.10.4-4.10.1fixed 0.10.4-4.10.1
An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 and 3.32 prior to 3.32.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's controlling t
- CVE-2019-11460Apr 22, 2019affected < 0.10.4-4.10.1fixed 0.10.4-4.10.1
An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the t
- CVE-2019-8308Feb 12, 2019affected < 0.10.4-4.10.1fixed 0.10.4-4.10.1
Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.