Firejail Project Firejail for WordPress

CPE Details

Firejail Project Firejail for WordPress
firejail_project
firejail
-
2019-09-19
10h43 +00:00
2019-09-19
10h43 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:firejail_project:firejail:-:*:*:*:*:wordpress:*:*

Informations

Vendor

firejail_project

Product

firejail

Version

-

Target Software

wordpress

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-26910 2021-02-08 18h56 +00:00 Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.
7.8
High
CVE-2020-17368 2020-08-11 13h59 +00:00 Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection.
9.8
Critical
CVE-2020-17367 2020-08-11 13h58 +00:00 Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.
7.8
High
CVE-2016-10117 2017-04-13 12h00 +00:00 Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.
7.8
High
CVE-2016-10118 2017-04-13 12h00 +00:00 Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.
3.3
Low
CVE-2016-10119 2017-04-13 12h00 +00:00 Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
7.8
High
CVE-2016-10120 2017-04-13 12h00 +00:00 Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.
7.8
High
CVE-2016-10121 2017-04-13 12h00 +00:00 Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.
7.8
High
CVE-2016-10122 2017-04-13 12h00 +00:00 Firejail does not properly clean environment variables, which allows local users to gain privileges.
7.8
High
CVE-2016-10123 2017-04-13 12h00 +00:00 Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges.
7.8
High
CVE-2017-5206 2017-03-23 15h00 +00:00 Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.
9
Critical
CVE-2017-5207 2017-03-23 15h00 +00:00 Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument.
7.8
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.