0.9.62

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-08	CVE-2021-26910	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation. local high complexity firejail-project debian CWE-367	7.0
2020-08-11	CVE-2020-17368	OS Command Injection vulnerability in multiple products Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection. network low complexity firejail-project debian fedoraproject opensuse CWE-78 critical	9.8
2020-08-11	CVE-2020-17367	Argument Injection or Modification vulnerability in multiple products Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection. local low complexity firejail-project debian fedoraproject opensuse CWE-88	7.8