Lucene search
Veracode Vulnerability DatabaseVERACODE:19916HistoryMay 16, 2019 - 3:39 a.m.
Authentication Bypass
2019-05-1603:39:16
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
0.002 Low
EPSS
Percentile
59.1%
Flatpak is vulnerable to authentication bypass. Remote unauthenticated attackers could bypass the authentication mechanism via an ioctl request number that has TIOCSTI in its 32 least significant bits and an arbitrary nonzero value in its 32 most significant bits, which the Linux kernel would treat as equivalent to TIOCSTI.
Related
nessus
nessus
RHEL 8 : flatpak (RHSA-2019:1143)
2019-05-13 00:00:00
CentOS 7 : flatpak (CESA-2019:1024)
2019-05-14 00:00:00
Amazon Linux 2 : flatpak (ALAS-2019-1219)
2019-05-31 00:00:00
oraclelinux
oraclelinux
flatpak security update
2019-07-30 00:00:00
flatpak security update
2019-05-07 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package flatpak version 1.2.4-alt1
2019-04-07 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for flatpak (EulerOS-SA-2020-1004)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for flatpak (EulerOS-SA-2020-1305)
2020-03-24 00:00:00
Huawei EulerOS: Security Advisory for nautilus (EulerOS-SA-2022-1356)
2022-03-29 00:00:00
redhatcve
redhatcve
cve
cve
nvd
nvd
debiancve
debiancve
ubuntucve
ubuntucve
osv
osv
cvelist
cvelist
prion
prion
Design/Logic Flaw
2019-04-22 22:29:00
Design/Logic Flaw
2019-04-22 21:29:00
Design/Logic Flaw
2019-03-26 14:29:00
centos
centos
flatpak security update
2019-05-13 15:08:37
alpinelinux
alpinelinux
CVE-2019-11461
2019-04-22 21:29:00
CVE-2019-10063
2019-03-26 14:29:00
redhat
redhat
(RHSA-2019:1024) Important: flatpak security update
2019-05-07 17:30:44
(RHSA-2019:1143) Important: flatpak security update
2019-05-13 04:50:39
archlinux
archlinux
[ASA-201905-3] nautilus: sandbox escape
2019-05-06 00:00:00
amazon
amazon
Important: flatpak
2019-05-29 19:11:00