Projectatomic Bubblewrap — known CVE vulnerabilities
Every CVE whose affected-product data names Projectatomic Bubblewrap, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2017-5226 — CVSS 10.0 (critical): When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to…
CVE-2019-12439 — CVSS 7.4 (high): bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations (related…
CVE-2020-5291 — CVSS 7.2 (high): Bubblewrap (bwrap) before version 0.4.1, if installed in setuid mode and the kernel supports unprivileged user namespaces, then the `bwrap…