Back to search
CVE-2020-17367
Published: Aug 11, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/netblue30/firejail
x_refsource_MISC
https://www.debian.org/security/2020/dsa-4742
x_refsource_MISC
DSA-4743
vendor-advisory
x_refsource_DEBIAN
openSUSE-SU-2020:1208
vendor-advisory
x_refsource_SUSE
[debian-lts-announce] 20200822 [SECURITY] [DLA 2336-1] firejail security update
mailing-list
x_refsource_MLIST
FEDORA-2020-45fc8559d5
vendor-advisory
x_refsource_FEDORA
FEDORA-2020-80a6d7e7e0
vendor-advisory
x_refsource_FEDORA
GLSA-202101-02
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now