Firejail Project: >> Firejail >> 0.9.56.2 Security Vulnerabilities
Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-02-08
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-08-11
Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection.
CVSS Score
9.8
EPSS Score
0.045
Published
2020-08-11