Vulnerabilities > Firejail Project

DATE	CVE	VULNERABILITY TITLE	RISK
2017-04-13	CVE-2016-10119	Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges. local low complexity firejail-project CWE-264	7.2
2017-04-13	CVE-2016-10118	Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /. local low complexity firejail-project CWE-264	2.1
2017-04-13	CVE-2016-10117	Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc. local low complexity firejail-project CWE-264	7.2
2017-03-23	CVE-2017-5207	Improper Privilege Management vulnerability in Firejail Project Firejail Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument. local low complexity firejail-project CWE-269	7.2
2017-03-23	CVE-2017-5206	Security Bypass vulnerability in Firejail Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument. network firejail-project linux	6.8
2017-02-09	CVE-2017-5940	Improper Privilege Management vulnerability in Firejail Project Firejail Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option. local low complexity firejail-project CWE-269	4.6
2017-02-09	CVE-2017-5180	Missing Authorization vulnerability in Firejail Project Firejail Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option. local low complexity firejail-project CWE-862	4.6
2017-01-19	CVE-2016-9016	Improper Access Control vulnerability in Firejail Project Firejail 0.9.38.4 Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. local low complexity firejail-project CWE-284	7.2

Vulnerabilities > Firejail Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Firejail Project"}]}

Vulnerabilities > Firejail Project