Flatpak is a suite of application virtualization systems for Linux desktop application computing environments. versions prior to Flatpak 1.12.0 and 1.10.4 contain an input validation error vulnerability that stems from direct access to AF_UNIX sockets (such as those used by Wayland, Pipewire or Pipewire pulse ) of the Flatpak application can trick portals and other host OS services into treating the Flatpak application as a normal, non-sandboxed host OS process. No detailed vulnerability details are currently available.
CPE | Name | Operator | Version |
---|---|---|---|
flatpak flatpak | lt | 1.12.0 | |
flatpak flatpak | lt | 1.10.4 |