Vulnerabilities > Firejail Project

DATE CVE VULNERABILITY TITLE RISK
2021-02-08 CVE-2021-26910 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.
6.9
2020-08-11 CVE-2020-17368 OS Command Injection vulnerability in multiple products
Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection.
network
low complexity
firejail-project debian CWE-78
7.5
2020-08-11 CVE-2020-17367 OS Command Injection vulnerability in multiple products
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.
local
low complexity
firejail-project debian CWE-78
4.6
2019-06-03 CVE-2019-12589 Incorrect Permission Assignment for Critical Resource vulnerability in Firejail Project Firejail
In Firejail before 0.9.60, seccomp filters are writable inside the jail, leading to a lack of intended seccomp restrictions for a process that is joined to the jail after a filter has been modified by an attacker.
local
low complexity
firejail-project CWE-732
4.6
2019-05-31 CVE-2019-12499 Unspecified vulnerability in Firejail Project Firejail
Firejail before 0.9.60 allows truncation (resizing to length 0) of the firejail binary on the host by running exploit code inside a firejail sandbox and having the sandbox terminated.
network
firejail-project
critical
9.3
2017-04-13 CVE-2016-10123 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges.
local
low complexity
firejail-project CWE-264
7.2
2017-04-13 CVE-2016-10122 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail does not properly clean environment variables, which allows local users to gain privileges.
local
low complexity
firejail-project CWE-264
7.2
2017-04-13 CVE-2016-10121 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.
local
low complexity
firejail-project CWE-264
7.2
2017-04-13 CVE-2016-10120 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.
local
low complexity
firejail-project CWE-264
7.2
2017-04-13 CVE-2016-10119 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
local
low complexity
firejail-project CWE-264
7.2