Search for vulnerabilities
Vulnerability details: VCID-a2cf-yjjc-z3dh
Vulnerability ID VCID-a2cf-yjjc-z3dh
Aliases CVE-2019-12589
Summary In Firejail before 0.9.60, seccomp filters are writable inside the jail, leading to a lack of intended seccomp restrictions for a process that is joined to the jail after a filter has been modified by an attacker.
Status Published
Exploitability 0.5
Weighted Severity 7.9
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-732 Incorrect Permission Assignment for Critical Resource
System Score Found at
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2019-12589
cvssv2 4.6 https://nvd.nist.gov/vuln/detail/CVE-2019-12589
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2019-12589
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2019-12589
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12589
https://github.com/netblue30/firejail/commit/eecf35c2f8249489a1d3e512bb07f0d427183134
https://github.com/netblue30/firejail/issues/2718
https://github.com/netblue30/firejail/releases/tag/0.9.60
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDY7B73YDRBURA25APSHD5PFEO4TNSFW/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGVULJ6IKVDO6UAVIQRHQVSKOUD6QDWM/
929732 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929732
cpe:2.3:a:firejail_project:firejail:*:*:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:firejail_project:firejail:*:*:*:*:-:*:*:*
CVE-2019-12589 https://nvd.nist.gov/vuln/detail/CVE-2019-12589
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2019-12589
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2019-12589
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.24338
EPSS Score 0.00079
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T12:06:35.487238+00:00 EPSS Importer Import https://epss.cyentia.com/epss_scores-current.csv.gz 37.0.0