Vulnerabilities > Projectatomic > Bubblewrap > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-31 | CVE-2020-5291 | Improper Privilege Management vulnerability in multiple products Bubblewrap (bwrap) before version 0.4.1, if installed in setuid mode and the kernel supports unprivileged user namespaces, then the `bwrap --userns2` option can be used to make the setuid process keep running as root while being traceable. | 7.8 |
| 2019-05-29 | CVE-2019-12439 | Improper Input Validation vulnerability in Projectatomic Bubblewrap bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. | 7.8 |