← volver
CVE-2018-6560

CVE-2018-6560

EPSS 0.4%
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://access.redhat.com/errata/RHSA-2018:2766https://github.com/flatpak/flatpak/commit/52346bf187b5a7f1c0fe9075b328b7ad6abe78f6https://github.com/flatpak/flatpak/releases/tag/0.10.3https://github.com/flatpak/flatpak/releases/tag/0.8.9