VYPR

rpm package

suse/flatpak&distro=SUSE Linux Enterprise Server 15 SP5-LTSS

pkg:rpm/suse/flatpak&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS

Vulnerabilities (4)

  • CVE-2026-34079HigApr 7, 2026
    affected < 1.16.0-150500.3.18.1fixed 1.16.0-150500.3.18.1

    Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete ar

  • CVE-2026-34078CriApr 7, 2026
    affected < 1.16.0-150500.3.18.1fixed 1.16.0-150500.3.18.1

    Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitrary paths. Flatpak run mounts the resolved host path in the sandbox. This g

  • CVE-2024-42472Aug 15, 2024
    affected < 1.16.0-150500.3.15.1fixed 1.16.0-150500.3.15.1

    Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on in

  • CVE-2024-32462Apr 18, 2024
    affected < 1.16.0-150500.3.15.1fixed 1.16.0-150500.3.15.1

    Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. in versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak app could execute arbitrary code outside its sandbox. Normally, the `--command` argument