rpm package
suse/flatpak&distro=SUSE Linux Enterprise Server 15 SP6-LTSS
pkg:rpm/suse/flatpak&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSS
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-34079 | Hig | 7.5 | < 1.16.0-150600.3.9.1 | 1.16.0-150600.3.9.1 | Apr 7, 2026 | Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete ar | |
| CVE-2026-34078 | Cri | 10.0 | < 1.16.0-150600.3.9.1 | 1.16.0-150600.3.9.1 | Apr 7, 2026 | Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitrary paths. Flatpak run mounts the resolved host path in the sandbox. This g |
- affected < 1.16.0-150600.3.9.1fixed 1.16.0-150600.3.9.1
Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete ar
- affected < 1.16.0-150600.3.9.1fixed 1.16.0-150600.3.9.1
Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitrary paths. Flatpak run mounts the resolved host path in the sandbox. This g