Flatpak vulnerabilities
16 known vulnerabilities affecting flatpak/flatpak.
Total CVEs: 16
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 4, HIGH 9, MEDIUM 3
Vulnerabilities
CVE-2026-34078 | CRITICAL | CVSS 9.3 | CWE-61 | fixed in 1.16.4 | published 2026-04-07
Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitrary paths. `flatpak run` mounts the resolved host path in the sandbox. This gives apps access to all host files and can be used as a primitive to g
Sources: cvelistv5, nvd
CVE-2026-34079 | HIGH | CVSS 8.7 | CWE-22 | fixed in 1.16.4 | published 2026-04-07
Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app-controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete arbitrary files on the host. This vulnerability is fixed in 1.16.4.
Sources: cvelistv5, nvd
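Both 1.16.4 fixes above are containment failures on an app-controlled path: one follows a symlink before mounting the result, the other deletes a file without confirming that the path really sits inside the cache directory. The following Python is an added example, not Flatpak's own code. It contrasts a prefix-only string check with a check that either resolves symlinks before deciding or acts relative to a directory file descriptor; the cache/appdata/host layout, the file names and the attack paths are constructed for the demo.

```python
"""Containment checks for app-controlled paths (CWE-22 / CWE-61).
Added example, not Flatpak's code; directory layout is constructed."""
import os
import tempfile


def is_within(root: str, path: str) -> bool:
    """True if path, with every symlink resolved, is root or below it."""
    real_root = os.path.realpath(root)
    real_path = os.path.realpath(path)
    return real_path == real_root or real_path.startswith(real_root + os.sep)


def remove_stale_cache_unsafe(cache_dir: str, stale: str) -> None:
    """Vulnerable pattern: a string-prefix check, then unlink of the raw path.
    '..' components and symlinks in the path are followed by the kernel."""
    if not stale.startswith(cache_dir):
        raise PermissionError(stale)
    os.unlink(stale)


def remove_stale_cache_safe(cache_dir: str, stale: str) -> None:
    """Hardened: only a direct child of cache_dir may be removed, and it is
    removed via unlinkat() on an fd of cache_dir, so no path component is
    re-resolved and a symlink child is deleted rather than followed."""
    name = os.path.basename(stale)
    if name in ("", ".", "..") or os.path.dirname(stale) != cache_dir:
        raise PermissionError(stale)
    dfd = os.open(cache_dir, os.O_RDONLY | os.O_DIRECTORY)
    try:
        os.unlink(name, dir_fd=dfd)
    finally:
        os.close(dfd)


def resolve_expose_path(allowed_root: str, requested: str) -> str:
    """Resolve an app-supplied path before exposing it and refuse anything
    whose real location lies outside allowed_root."""
    real = os.path.realpath(requested)
    if not is_within(allowed_root, real):
        raise PermissionError(f"{requested} resolves to {real}")
    return real


def demo() -> dict:
    """Constructed layout: a cache dir, an app data dir and a 'host' file
    that the app must never be able to touch."""
    with tempfile.TemporaryDirectory() as tmp:
        cache, appdata, host = (os.path.join(tmp, d) for d in ("cache", "appdata", "host"))
        for d in (cache, appdata, host):
            os.mkdir(d)
        secret = os.path.join(host, "secret.txt")
        with open(secret, "w") as f:
            f.write("host-only\n")
        results = {}

        # '..' traversal passes the prefix check and deletes the host file
        traversal = os.path.join(cache, "..", "host", "secret.txt")
        remove_stale_cache_unsafe(cache, traversal)
        results["unsafe_deleted_host_file"] = not os.path.exists(secret)
        with open(secret, "w") as f:   # restore for the next check
            f.write("host-only\n")
        try:
            remove_stale_cache_safe(cache, traversal)
            results["safe_refused"] = False
        except PermissionError:
            results["safe_refused"] = os.path.exists(secret)

        # a symlink child in the cache dir: safe removal drops the link only
        link = os.path.join(cache, "ld.so.cache.old")
        os.symlink(secret, link)
        remove_stale_cache_safe(cache, link)
        results["symlink_target_survived"] = os.path.exists(secret) and not os.path.lexists(link)

        # app-controlled symlink inside appdata pointing at the host directory
        os.symlink(host, os.path.join(appdata, "escape"))
        try:
            resolve_expose_path(appdata, os.path.join(appdata, "escape", "secret.txt"))
            results["expose_refused"] = False
        except PermissionError:
            results["expose_refused"] = True
        results["expose_allowed_inside"] = (
            resolve_expose_path(appdata, os.path.join(appdata, ".")) == os.path.realpath(appdata)
        )
        return results


if __name__ == "__main__":
    print(demo())
```

Resolving with realpath and then acting is still a check-then-use race if the app can swap a symlink between the two steps; the delete path above avoids that by working from a directory fd, and a mount/expose path wants the same treatment (open the target with O_PATH and O_NOFOLLOW per component, then act on the fd) rather than a string comparison.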
CVE-2024-42472 | CRITICAL | CVSS 10.0 | CWE-74 | ≥ 1.14.0, < 1.14.10; ≥ 1.15.0, < 1.15.10; +2 more | published 2024-08-15
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.10 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and confidentiality.
When `persistent=subdir` is used in the
Sources: cvelistv5, nvd
CVE-2024-32462 | HIGH | CVSS 8.4 | CWE-88 | fixed in 1.10.9; ≥ 1.12.0, < 1.12.9; +5 more | published 2024-04-18
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak app could execute arbitrary code outside its sandbox. Normally, the `--command` argument of `flatpak run` expects to be given a command to run in the specified Fla
Sources: cvelistv5, nvd
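CWE-88 is argument injection: an untrusted word spliced into another program's argv gets parsed as an option rather than as data. The Python below is an added example, not Flatpak's or bubblewrap's code; the launcher, its `--share` and `--bind` options and the attacker's command string are hypothetical stand-ins constructed for the demo, chosen to show how a "command" that begins with `-` acquires a mount the wrapper never intended, and how a `--` terminator closes that hole.

```python
"""Argument injection (CWE-88) when an app-controlled command is spliced into
a launcher's argv. Added example; launcher and options are hypothetical."""

# option name -> number of values it consumes (hypothetical launcher)
LAUNCHER_OPTIONS = {"--share": 1, "--bind": 2}


def parse_launcher_argv(argv: list[str]) -> tuple[list, list[str]]:
    """Scan options the way most CLIs do: until '--' or the first word that is
    not an option. Everything left over is the command to execute."""
    options, i = [], 0
    while i < len(argv):
        word = argv[i]
        if word == "--":               # explicit end of options
            i += 1
            break
        if not word.startswith("-"):
            break
        if word not in LAUNCHER_OPTIONS:
            raise ValueError(f"unknown option {word}")
        n = LAUNCHER_OPTIONS[word]
        options.append((word, tuple(argv[i + 1:i + 1 + n])))
        i += 1 + n
    return options, argv[i:]


def build_argv_unsafe(policy_opts: list[str], command: list[str]) -> list[str]:
    """Vulnerable: command words follow the policy options with nothing between
    them, so a command that begins with '-' is read as further options."""
    return [*policy_opts, *command]


def build_argv_safe(policy_opts: list[str], command: list[str]) -> list[str]:
    """Hardened: '--' closes option parsing before the untrusted words."""
    return [*policy_opts, "--", *command]


def demo() -> dict:
    policy = ["--share", "none"]                       # what the wrapper intends
    attacker_command = ["--bind", "/", "/host", "sh"]  # app-controlled "command"
    unsafe_opts, unsafe_cmd = parse_launcher_argv(build_argv_unsafe(policy, attacker_command))
    safe_opts, safe_cmd = parse_launcher_argv(build_argv_safe(policy, attacker_command))
    return {
        "unsafe_options": unsafe_opts, "unsafe_command": unsafe_cmd,
        "safe_options": safe_opts, "safe_command": safe_cmd,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Where the downstream tool does not honour `--`, the fallback is to refuse any command whose first word starts with `-`; doing both costs nothing and covers the case where a later refactor drops the terminator.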
CVE-2023-28100 | MEDIUM | CVSS 6.5 (rated CRITICAL by one of the listed sources) | fixed in 1.10.8; ≥ 1.12.0, < 1.12.8; +2 more | published 2023-03-16
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4 contain a vulnerability similar to CVE-2017-5226, but using the `TIOCLINUX` ioctl command instead of `TIOCSTI`. If a Flatpak app is run on a Linux virtual console such as `/dev/tty1`, it can copy text fr
Sources: cvelistv5, nvd
CVE-2023-28101 | MEDIUM | CVSS 4.3 | CWE-116 | fixed in 1.10.8; ≥ 1.12.0, < 1.12.8; +5 more | published 2023-03-16
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4, if an attacker publishes a Flatpak app with elevated permissions, they can hide those permissions from users of the `flatpak(1)` command-line interface by setting other permissions to crafted v
Sources: cvelistv5, nvd
CVE-2022-21682 | MEDIUM | CVSS 6.5 (rated HIGH by one of the listed sources) | CWE-22 | fixed in 1.10.7; ≥ 1.11.1, < 1.12.4; +2 more | published 2022-01-13
Flatpak is a Linux application sandboxing and distribution framework. A path traversal vulnerability affects versions of Flatpak prior to 1.12.3 and 1.10.6. flatpak-builder applies `finish-args` last in the build. At this point the build directory will have the full access that is specified in the manifest, so running `flatpak build` against it will ga
Sources: cvelistv5, nvd
CVE-2021-43860 | HIGH | CVSS 8.6 | CWE-269 | fixed in 1.10.6; ≥ 1.11.1, ≤ 1.12.3; +1 more | published 2022-01-12
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the case that there's a null byte in the metadata file of an app. Therefore app
Sources: cvelistv5, nvd
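CVE-2021-43860 and CVE-2023-28101 above are two ways the permission set a user is shown can differ from the one the app actually gets: a NUL byte that two parsers of the same file handle differently, and a crafted permission value that the CLI prints without escaping. The Python below is an added example, not Flatpak's code. Its `[Context]` key/value layout is a simplified stand-in for a flatpak metadata file, the two metadata blobs are constructed, and reading "crafted values" in CVE-2023-28101 as terminal control characters is an assumption made here, consistent with the CWE-116 classification on the page.

```python
"""Keep the permissions shown at install time equal to those granted at run
time. Added example, not Flatpak's code; metadata samples are constructed."""


def _parse_context(text: str) -> dict:
    """Tiny key-file reader: collects key=a;b;c lines under [Context]."""
    perms, in_context = {}, False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            in_context = line == "[Context]"
        elif in_context and "=" in line:
            key, value = line.split("=", 1)
            perms[key.strip()] = [v for v in value.split(";") if v]
    return perms


def parse_as_cstring(data: bytes) -> dict:
    """Parser that treats the file as a C string: bytes after the first NUL are
    invisible to it (the parser a display path might end up using)."""
    return _parse_context(data.split(b"\0", 1)[0].decode("utf-8", "replace"))


def parse_all_bytes(data: bytes) -> dict:
    """Parser that reads the whole buffer (the parser a runtime might use)."""
    return _parse_context(data.decode("utf-8", "replace"))


def load_context_strict(data: bytes) -> dict:
    """Hardened loader: reject NUL and non-printable characters up front, parse
    once, and hand the same object to both the display and the runtime."""
    if b"\0" in data:
        raise ValueError("metadata contains a NUL byte")
    perms = parse_all_bytes(data)
    for key, values in perms.items():
        for v in values:
            if not v.isprintable():
                raise ValueError(f"permission {key}={v!r} contains non-printable characters")
    return perms


def render_permissions(perms: dict) -> list[str]:
    """Display helper that escapes anything non-printable so a value cannot
    carry a carriage return or escape sequence that repaints the terminal."""
    def esc(s: str) -> str:
        return "".join(c if c.isprintable() else repr(c)[1:-1] for c in s)
    return [f"{esc(k)}: {', '.join(esc(v) for v in vals)}" for k, vals in sorted(perms.items())]


# Constructed: a benign-looking section, a NUL, then the section a
# whole-buffer parser actually honours.
NUL_SPLIT_METADATA = (b"[Context]\nshared=ipc;\n"
                      b"\0\n[Context]\nshared=ipc;network;\nfilesystems=host;\n")

# Constructed: the sockets value ends with ESC[1A ESC[2K (cursor up, erase
# line), which on an unescaped terminal would wipe the filesystems line.
CONTROL_CHAR_METADATA = b"[Context]\nfilesystems=host;\nsockets=x11\x1b[1A\x1b[2K;\n"


def demo() -> dict:
    shown = parse_as_cstring(NUL_SPLIT_METADATA)
    granted = parse_all_bytes(NUL_SPLIT_METADATA)
    rejected = {}
    for name, blob in (("nul", NUL_SPLIT_METADATA), ("ctrl", CONTROL_CHAR_METADATA)):
        try:
            load_context_strict(blob)
            rejected[name] = False
        except ValueError:
            rejected[name] = True
    return {
        "shown": shown,
        "granted": granted,
        "nul_rejected": rejected["nul"],
        "ctrl_rejected": rejected["ctrl"],
        "rendered": render_permissions(parse_all_bytes(CONTROL_CHAR_METADATA)),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The two halves are independent defences: rejecting NUL and control characters at install time stops the file being accepted at all, while escaping at render time protects any display path that is fed metadata from an older install.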
CVE-2021-41133 | HIGH | CVSS 7.8 | CWE-20 | fixed in 1.8.2; ≥ 1.10.0, < 1.10.4; +1 more | published 2021-10-08
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host-OS services into treating the Flatpak app as though it was an ordinary,
Sources: cvelistv5, nvd
CVE-2021-21381 | HIGH | CVSS 8.2 | CWE-74 | ≥ 0.9.4, < 1.10.2 | published 2021-03-11
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Flatpak since version 0.9.4 and before version 1.10.2 has a vulnerability in the "file forwarding" feature which can be used by an attacker to gain access to files that would not ordinarily be allowed by the app's permissions. By putting the special
Sources: cvelistv5, nvd
CVE-2021-21261 | HIGH | CVSS 8.8 | CWE-74 | ≥ 0.11.4, < 1.8.5; ≥ 1.9.1, < 1.10.0; +2 more | published 2021-01-14
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the `flatpak-portal` service that can allow sandboxed applications to execute arbitrary code on the host system (a sandbox escape). This sandbox-escape bug is present in versions from 0.11.4 and before fixed versions 1.8.5 and 1.
Sources: cvelistv5, nvd
CVE-2019-10063 | CRITICAL | CVSS 9.0 | CWE-20 | fixed in 1.0.8; ≥ 1.1.0, ≤ 1.1.3; +2 more | published 2019-03-26
Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the controlling terminal so that they would be executed outside
Sources: nvd
CVE-2019-8308 | HIGH | CVSS 8.2 | CWE-668 | fixed in 1.0.7; ≥ 1.1.0, ≤ 1.1.3; +1 more | published 2019-02-12
Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.
Sources: nvd
CVE-2018-6560 | HIGH | CVSS 8.8 | CWE-436 | fixed in 0.8.9; ≥ 0.9.1, ≤ 0.9.99; +1 more | published 2018-02-02
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon.
Sources: nvd
CVE-2017-9780 | HIGH | CVSS 7.8 | CWE-732 | ≤ 0.8.6 | published 2017-06-21
In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with those permissions, which would let a local attacker run the setuid executable or write to the world-writable location. In the case of the "system helper" c
Sources: nvd
CVE-2017-5226 | CRITICAL | CVSS 10.0 | CWE-20 | fixed in 0.8.1 (see the CVE-2019-10063 entry) | published 2017-03-29
When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox.
Sources: nvd