A vulnerability was found in Flatpak up to 1.10.3/1.11.x and classified as critical. This issue affects some unknown functionality of the file /.flatpak-info of the component seccomp Filter Handler. Upgrading to version 1.8.2, 1.10.4 or 1.12.0 eliminates this vulnerability. Applying the patch 1330662f33a55e88bfe18e76de28b7922d91a999 is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.
Flatpak up to 1.10.3/1.11.x seccomp Filter /.flatpak-info input validation
- Virtual Patching
- October 9, 2021
- 4:07 pm
Contact us to get started
CVE-2024-50919 : JPRESS 5.1.1 ON WINDOWS JSP FILE UNRESTRICTED UPLOAD
Description Jpress until v5.1.1 has arbitrary file uploads on the windows platform, and the construction of non-standard file formats such
CVE-2024-47873 : PHPOFFICE PHPSPREADSHEET UP TO 1.29.3/2.1.2/2.3.1/3.3.X SCAN/FINDCHARSET XML EXTERNAL ENTITY REFERENCE
Description PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which
CVE-2024-43416 : GLPI UP TO 10.0.16 INFORMATION DISCLOSURE
Description GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17,