Flatpak · Flatpak · CVE-2023-28101
**Name of the Vulnerable Software and Affected Versions**
Flatpak versions prior to 1.10.8
Flatpak versions prior to 1.12.8
Flatpak versions prior to 1.14.4
Flatpak versions prior to 1.15.4
**Description**
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In affected versions, an attacker can publish a Flatpak app with elevated permissions and hide those permissions from users of the `flatpak(1)` command-line interface by setting other permissions to crafted values that contain non-printable control characters such as `ESC`. This could allow a remote attacker to impact the integrity of data.
**Recommendations**
For versions prior to 1.10.8, update to version 1.10.8 or later.
For versions prior to 1.12.8, update to version 1.12.8 or later.
For versions prior to 1.14.4, update to version 1.14.4 or later.
For versions prior to 1.15.4, update to version 1.15.4 or later.
As a temporary workaround, consider using a GUI like GNOME Software rather than the command-line interface, or only install apps whose maintainers you trust.
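A check for the condition described above, as an added example that is not part of the original advisory and is not Flatpak's own code: it scans an app's metadata text for permission entries containing control characters and renders them as visible escapes. It assumes the metadata is a keyfile with `[Section]` headers and semicolon-separated `key=value` entries; the sample input and the function names are constructed for illustration.

```python
import unicodedata

# Constructed sample of a Flatpak app "metadata" keyfile. The ESC byte in the
# filesystems entry stands in for a crafted permission value.
SAMPLE_METADATA = (
    "[Application]\n"
    "name=org.example.Demo\n"
    "[Context]\n"
    "shared=network;\n"
    "filesystems=home;/tmp/demo\x1b[0m;\n"
)


def has_control(text):
    """True if text holds a Unicode control character (category Cc: ESC, CR, BS, ...)."""
    return any(unicodedata.category(ch) == "Cc" for ch in text)


def escape_for_display(text):
    """Render control characters as visible escapes so a terminal never interprets them."""
    return "".join(
        ch.encode("unicode_escape").decode("ascii")
        if unicodedata.category(ch) == "Cc" else ch
        for ch in text
    )


def find_suspicious_values(metadata):
    """Return (section, key, escaped_entry) for each entry that holds a control character."""
    findings = []
    section = ""
    # Split on "\n" only: str.splitlines() also breaks on control characters
    # such as \x0b, \x0c and \x1c, which would hide them from this check.
    for line in metadata.split("\n"):
        if line.startswith("[") and line.rstrip().endswith("]") and not has_control(line):
            section = line.strip()[1:-1]
        elif "=" in line and not has_control(line.partition("=")[0]):
            key, _, value = line.partition("=")
            for entry in value.split(";"):
                if has_control(entry):
                    findings.append((section, key, escape_for_display(entry)))
        elif has_control(line):
            # Control character in a header, key or stray line: report the whole line.
            findings.append((section, "", escape_for_display(line)))
    return findings


if __name__ == "__main__":
    for section, key, entry in find_suspicious_values(SAMPLE_METADATA):
        print(f"[{section}] {key}: {entry}")
```

Any finding means the permission list should be reviewed in escaped form before the app is installed.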