Vulnerabilidades em flatpak
14 resultadosCVE-2022-21682HIGHflatpak-builder can access files outside the build directory.EPSS 1.7%CVE-2026-34078CRITICALFlatpak has a complete sandbox escape leading to host file access and code execution in the host contextEPSS 1.6%CVE-2021-21381HIGHSandbox escape via special tokens in .desktop fileEPSS 1.5%CVE-2021-43860HIGHPermissions granted to applications can be hidden from the user at install timeEPSS 1.3%CVE-2024-42472CRITICALFlatpak may allow access to files outside sandbox for certain appsEPSS 1.3%CVE-2023-28101MEDIUMFlatpak metadata with ANSI control codes can cause misleading terminal outputEPSS 0.9%CVE-2023-28100CRITICALTIOCLINUX can send commands outside sandbox if running on a virtual consoleEPSS 0.9%CVE-2021-21261HIGHFlatpak sandbox escape via spawn portalEPSS 0.6%CVE-2024-32462HIGHFlatpak vulnerable to a sandbox escape via RequestBackground portal due to bad argument parsingEPSS 0.5%CVE-2021-41133HIGHSandbox bypass via recent VFS-manipulating syscallsEPSS 0.4%CVE-2026-34079HIGHFlatpak affected by arbitrary file deletion on the host filesystemEPSS 0.3%CVE-2026-39977HIGHflatpak-builder has a path traversal leading to arbitrary file read on host when installing licence filesEPSS 0.3%CVE-2026-34080MEDIUMxdg-dbus-proxy has an eavesdrop filter bypass allowing message interceptionEPSS 0.2%CVE-2026-40354LOWFlatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlinkEPSS 0.1%