Firejail Project Firejail 0.9.36 Release Candidate 1

CPE Details

Firejail Project Firejail 0.9.36 Release Candidate 1
firejail_project
firejail
0.9.36
2019-06-03
10h59 +00:00
2019-06-03
10h59 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:firejail_project:firejail:0.9.36:rc1:*:*:*:*:*:*

Informations

Vendor

firejail_project

Product

firejail

Version

0.9.36

Update

rc1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-26910 2021-02-08 18h56 +00:00 Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.
7.8
Haute
CVE-2020-17368 2020-08-11 13h59 +00:00 Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection.
9.8
Critique
CVE-2020-17367 2020-08-11 13h58 +00:00 Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.
7.8
Haute
CVE-2017-5206 2017-03-23 15h00 +00:00 Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.
9
Critique
CVE-2017-5207 2017-03-23 15h00 +00:00 Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument.
7.8
Haute