CVE-2026-10037
8.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or malicious sandboxed application with access to the OpenURI portal via xdg-desktop-portal-gtk can write a malicious .jar file to the host file system, set its executable bit, and trigger the handler to execute arbitrary code outside of the sandbox environment.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Canonical | Ubuntu | 0 < 3.70+nmu1ubuntu1.22.04.1 | affected |
| Canonical | Ubuntu | 0 < 3.70+nmu1ubuntu1.24.04.1 | affected |
| Canonical | Ubuntu | 0 < 3.74ubuntu1.1 | affected |
| Canonical | Ubuntu | 0 < 3.75ubuntu1.1 | affected |
Weaknesses
- CWE-20: CWE-20 Improper input validation
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.