| CNNVD-ID编号 | CNNVD-202101-1138 |
| CVE编号 | CVE-2021-21261 |
| 发布时间 | 2021-01-14 |
| 更新时间 | 2021-01-18 |
| 漏洞类型 | 注入 |
| 漏洞来源 | N/A |
| 危险等级 | 高危 |
| 威胁类型 | 远程 |
| 厂 商 | N/A |
Flatpak是一套用于Linux桌面应用计算机环境的应用程序虚拟化系统。
Flatpak 存在注入漏洞,该漏洞源于flatpak-portal允许沙箱应用程序在主机系统上执行任意代码(沙箱逃脱)。
目前厂商已发布升级了Flatpak 注入漏洞的补丁,Flatpak 注入漏洞的补丁获取链接:
https://github.com/flatpak/flatpak/commit/fb1eaefbceeb73f02eb1bc85865d74a414faf8b8
来源:DEBIAN
来源:MISC
链接:https://github.com/flatpak/flatpak/commit/6a11007021658518c088ba0cc5e4da27962a940a
来源:MISC
链接:https://github.com/flatpak/flatpak/commit/57416f380600d9754df12baf5b227144ff1bb54d
来源:MISC
来源:MISC
链接:https://github.com/flatpak/flatpak/commit/dcd24941c7087c5f7e8033abe50b178ac02a34af
来源:MISC
链接:https://github.com/flatpak/flatpak/commit/fb1eaefbceeb73f02eb1bc85865d74a414faf8b8
来源:CONFIRM
链接:https://github.com/flatpak/flatpak/security/advisories/GHSA-4ppf-fxf6-vxg2
暂无