pkg:Debian/firejail

All known vulnerabilities

• CRITICAL9.8CVE-2020-17368Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command inj…
  from 0, < 0.9.62-4
• CRITICAL9.0CVE-2017-5206Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox p…
  from 0, < 0.9.44.4-1
• HIGH8.8CVE-2019-12589In Firejail before 0.9.60, seccomp filters are writable inside the jail, leading to a lack of intended seccomp restrictions for a process t…
  from 0, < 0.9.58.2-2
• HIGH8.8CVE-2017-5940Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent…
  from 0, < 0.9.44.6-1
• HIGH8.8CVE-2017-5180Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessin…
  from 0, < 0.9.44.2-3
• HIGH8.8CVE-2016-9016Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
  from 0, < 0.9.44-1
• HIGH8.1CVE-2019-12499Firejail before 0.9.60 allows truncation (resizing to length 0) of the firejail binary on the host by running exploit code inside a firejai…
  from 0, < 0.9.58.2-2
• HIGH7.8CVE-2022-31214firejail - security update
  from 0, < 0.9.58.2-2+deb10u3
• HIGH7.8CVE-2022-31214firejail - security update
  from 0, < 0.9.64.4-2+deb11u1
• HIGH7.8CVE-2022-31214firejail - security update
  from 0, < 0.9.58.2-2+deb9u1
• HIGH7.8CVE-2020-17367firejail - security update
  from 0, < 0.9.44.8-2+deb9u1
• HIGH7.8CVE-2020-17367firejail - security update
  from 0, < 0.9.62-4
• HIGH7.8CVE-2020-17367firejail - security update
  from 0, < 0.9.58.2-2+deb10u1
• HIGH7.8CVE-2016-10123Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges.
  from 0, < 0.9.38-1
• HIGH7.8CVE-2016-10122Firejail does not properly clean environment variables, which allows local users to gain privileges.
  from 0, < 0.9.44.2-1
• HIGH7.8CVE-2016-10121Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.
  from 0, < 0.9.38-1
• HIGH7.8CVE-2016-10120Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privi…
  from 0, < 0.9.38-1
• HIGH7.8CVE-2016-10119Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
  from 0, < 0.9.38-1
• HIGH7.8CVE-2016-10117Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.
  from 0, < 0.9.38-1
• HIGH7.8CVE-2017-5207Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument.
  from 0, < 0.9.44.4-1
• HIGH7.0CVE-2021-26910firejail - security update
  from 0, < 0.9.44.8-2+deb9u2
• HIGH7.0CVE-2021-26910firejail - security update
  from 0, < 0.9.58.2-2+deb10u2
• HIGH7.0CVE-2021-26910firejail - security update
  from 0, < 0.9.64.4-1
• LOW3.3CVE-2016-10118Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.
  from 0, < 0.9.44.2-1