VulnerableCode Package Details - pkg:alpm/archlinux/firejail@0.9.44.10-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-287d-4ufd-73aq	Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.	CVE-2016-10119
VCID-2e1r-1ef8-qqan	Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.	CVE-2017-5180
VCID-3xpj-myft-tfc4	Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument.	CVE-2017-5207
VCID-5nem-4rvk-p3ap	Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.	CVE-2017-5206
VCID-63e4-p5kk-cqbd	Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges.	CVE-2016-10123
VCID-f4wj-e8v6-kqdz	Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.	CVE-2016-10117
VCID-fk16-qxdv-cbha	Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.	CVE-2016-10120
VCID-gpav-za1b-mkas	Firejail does not properly clean environment variables, which allows local users to gain privileges.	CVE-2016-10122
VCID-r3h7-skuu-aqcb	Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.	CVE-2016-10121
VCID-wev9-a832-eyg4	Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.	CVE-2016-10118

Vulnerability

Summary

Aliases

VCID-287d-4ufd-73aq

Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.

CVE-2016-10119

VCID-2e1r-1ef8-qqan

Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.

CVE-2017-5180

VCID-3xpj-myft-tfc4

Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument.

CVE-2017-5207

VCID-5nem-4rvk-p3ap

Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.

CVE-2017-5206

VCID-63e4-p5kk-cqbd

Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges.

CVE-2016-10123

VCID-f4wj-e8v6-kqdz

Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.

CVE-2016-10117

VCID-fk16-qxdv-cbha

Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.

CVE-2016-10120

VCID-gpav-za1b-mkas

Firejail does not properly clean environment variables, which allows local users to gain privileges.

CVE-2016-10122

VCID-r3h7-skuu-aqcb

Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.

CVE-2016-10121

VCID-wev9-a832-eyg4

Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.

CVE-2016-10118

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-12-19T19:53:36.222183+00:00	Arch Linux Importer	Fixing	VCID-f4wj-e8v6-kqdz	https://security.archlinux.org/AVG-128	37.0.0
2025-12-19T19:53:36.202248+00:00	Arch Linux Importer	Fixing	VCID-wev9-a832-eyg4	https://security.archlinux.org/AVG-128	37.0.0
2025-12-19T19:53:36.183559+00:00	Arch Linux Importer	Fixing	VCID-287d-4ufd-73aq	https://security.archlinux.org/AVG-128	37.0.0
2025-12-19T19:53:36.163467+00:00	Arch Linux Importer	Fixing	VCID-fk16-qxdv-cbha	https://security.archlinux.org/AVG-128	37.0.0
2025-12-19T19:53:36.144891+00:00	Arch Linux Importer	Fixing	VCID-r3h7-skuu-aqcb	https://security.archlinux.org/AVG-128	37.0.0
2025-12-19T19:53:36.125675+00:00	Arch Linux Importer	Fixing	VCID-gpav-za1b-mkas	https://security.archlinux.org/AVG-128	37.0.0
2025-12-19T19:53:36.106398+00:00	Arch Linux Importer	Fixing	VCID-63e4-p5kk-cqbd	https://security.archlinux.org/AVG-128	37.0.0
2025-12-19T19:53:36.087685+00:00	Arch Linux Importer	Fixing	VCID-2e1r-1ef8-qqan	https://security.archlinux.org/AVG-128	37.0.0
2025-12-19T19:53:36.070497+00:00	Arch Linux Importer	Fixing	VCID-5nem-4rvk-p3ap	https://security.archlinux.org/AVG-128	37.0.0
2025-12-19T19:53:36.050396+00:00	Arch Linux Importer	Fixing	VCID-3xpj-myft-tfc4	https://security.archlinux.org/AVG-128	37.0.0