{"id":"CVE-2018-6560","details":"In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon.","modified":"2026-04-16T06:26:26.551253477Z","published":"2018-02-02T14:29:01.637Z","references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:2766"},{"type":"ADVISORY","url":"https://github.com/flatpak/flatpak/releases/tag/0.10.3"},{"type":"ADVISORY","url":"https://github.com/flatpak/flatpak/releases/tag/0.8.9"},{"type":"FIX","url":"https://github.com/flatpak/flatpak/commit/52346bf187b5a7f1c0fe9075b328b7ad6abe78f6"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/flatpak/flatpak","events":[{"introduced":"0"},{"fixed":"102089f14a26b0e805ae3315a9961a06311f5d48"},{"introduced":"696775687721748ba779dfb58f29ab47ed1fd6ae"},{"last_affected":"d952cdab9b7f9c38ad7bda43c33209ba3fcb0230"},{"introduced":"2a0c17976fadf65badc3d18df565a7f04e7089b0"},{"fixed":"a3a83241e398b72cdd8b13b13c55ef5ad330a5ed"},{"fixed":"52346bf187b5a7f1c0fe9075b328b7ad6abe78f6"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.8.9"},{"introduced":"0.9.1"},{"last_affected":"0.9.99"},{"introduced":"0.10.0"},{"fixed":"0.10.3"}]}}],"versions":["0.1","0.10.0","0.10.1","0.10.2","0.10.2.1","0.2","0.2.1","0.3","0.3.1","0.3.2","0.3.3","0.3.4","0.3.5","0.3.6","0.4.0","0.4.1","0.4.10","0.4.11","0.4.12","0.4.13","0.4.2","0.4.2.1","0.4.3","0.4.4","0.4.5","0.4.6","0.4.7","0.4.8","0.4.9","0.5.0","0.5.1","0.5.2","0.6.0","0.6.1","0.6.10","0.6.11","0.6.12","0.6.13","0.6.14","0.6.2","0.6.3","0.6.4","0.6.5","0.6.6","0.6.7","0.6.8","0.6.9","0.8.0","0.8.1","0.8.2","0.8.3","0.8.4","0.8.5","0.8.6","0.8.7","0.8.8","0.9.1","0.9.10","0.9.11","0.9.12","0.9.2","0.9.3","0.9.4","0.9.5","0.9.6","0.9.7","0.9.8","0.9.9","0.9.98","0.9.98.1","0.9.98.2","0.9.99"],"database_specific":{"vanir_signatures":[{"source":"https://github.com/flatpak/flatpak/commit/52346bf187b5a7f1c0fe9075b328b7ad6abe78f6","signature_type":"Function","target":{"function":"flatpak_proxy_client_finalize","file":"dbus-proxy/flatpak-proxy.c"},"signature_version":"v1","id":"CVE-2018-6560-49e0d6bc","digest":{"length":432,"function_hash":"271580508226823062190979009490022597235"},"deprecated":false},{"source":"https://github.com/flatpak/flatpak/commit/52346bf187b5a7f1c0fe9075b328b7ad6abe78f6","signature_type":"Line","target":{"file":"dbus-proxy/flatpak-proxy.c"},"signature_version":"v1","id":"CVE-2018-6560-5cba92a9","digest":{"line_hashes":["33443991552065430625883140664960554645","249668976182390477160399241629407843","148068370380488546696372669946769133184","253794885000327241323305002654080225647","239566410510601694147048116101873835661","6617241676584212676802541517937398068","322841369026825788079468822478187893194","316247568099151752934755440417248412760","242312409619618465861830985717358921103","26655659788465253872422048660819491138","258872382271110977586200286488193397938","223268080255015117545793230710965474692","300520181440958642720437184348851132988","218918388839110749689265824547110271312","97532705891949284607240340986280919852","71042432705380190050146700331692816269","141595357371026743881377225324227150178","178295943713716928244258490629202502645","231751224223245575687941127642602348384","211472587575694651643334757544971823127","187265719419144018439775295820181819183","82465328420217024855663614546065327459","22087343269216961997569443263537836373","190992788998097464499547861702648379011","272483426027075328767835319502281744882","275056874914622493107706444423388890164","13245387091157864367976990643030272902","303199266223569490467932304574764552065","100983794812600219168317506843835820703","27027832119572392456447547281933507333","27603941539054920375746226876215366199","2943247828385361182582479870733604923","253308463675229954714864089894874481409","138189994429466651654163293611455461389","74525983398891566830324719445148605771","331918003786901264917902344449796661541","145638329012390475720360066802298608563","26413377724842793987909336008068266854","71984267621290895498078666604010823294","129644228877169573678762454825407348746","275957262420249559439330829476845178674","245128242953244688937232858684940555815","101264789609924738488537872878261208421","49445351117685077352689524606019514710","249185831335510299012523498807869867471","143121139624474137479755660008422789602","32116584346631538232569932602797173811","339943451691414329381270955468919601482","143590441056327954582473391338818771123","98732428851334620085376076635594607120","308912304910077081686171960263567503475","189940161002865769874491167778860083139"],"threshold":0.9},"deprecated":false},{"signature_type":"Function","source":"https://github.com/flatpak/flatpak/commit/52346bf187b5a7f1c0fe9075b328b7ad6abe78f6","target":{"function":"find_auth_end","file":"dbus-proxy/flatpak-proxy.c"},"digest":{"length":906,"function_hash":"94076229903423218780424398294283891515"},"id":"CVE-2018-6560-60591b92","signature_version":"v1","deprecated":false},{"source":"https://github.com/flatpak/flatpak/commit/52346bf187b5a7f1c0fe9075b328b7ad6abe78f6","signature_type":"Function","target":{"function":"flatpak_proxy_client_init","file":"dbus-proxy/flatpak-proxy.c"},"signature_version":"v1","id":"CVE-2018-6560-7615320d","digest":{"length":450,"function_hash":"71478221109172127664663139852962333889"},"deprecated":false},{"source":"https://github.com/flatpak/flatpak/commit/52346bf187b5a7f1c0fe9075b328b7ad6abe78f6","signature_type":"Function","target":{"function":"side_in_cb","file":"dbus-proxy/flatpak-proxy.c"},"signature_version":"v1","id":"CVE-2018-6560-e2b6af12","digest":{"length":1606,"function_hash":"222230739918166777936704554248456636559"},"deprecated":false}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-6560.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.5"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]}],"vanir_signatures_modified":"2026-04-11T14:11:07Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}]}