object(app\admin\model\bug\Bug)#19 (37) {
  ["name":protected]=>
  string(3) "bug"
  ["autoWriteTimestamp":protected]=>
  string(7) "integer"
  ["createTime":protected]=>
  string(10) "createtime"
  ["updateTime":protected]=>
  string(10) "updatetime"
  ["deleteTime":protected]=>
  string(10) "deletetime"
  ["append":protected]=>
  array(0) {
  }
  ["connection":protected]=>
  array(0) {
  }
  ["parent":protected]=>
  NULL
  ["query":protected]=>
  NULL
  ["table":protected]=>
  NULL
  ["class":protected]=>
  string(23) "app\admin\model\bug\Bug"
  ["error":protected]=>
  NULL
  ["validate":protected]=>
  NULL
  ["pk":protected]=>
  NULL
  ["field":protected]=>
  array(0) {
  }
  ["except":protected]=>
  array(0) {
  }
  ["disuse":protected]=>
  array(0) {
  }
  ["readonly":protected]=>
  array(0) {
  }
  ["visible":protected]=>
  array(0) {
  }
  ["hidden":protected]=>
  array(0) {
  }
  ["data":protected]=>
  array(24) {
    ["id"]=>
    int(7212)
    ["cve_code"]=>
    string(14) "CVE-2021-21261"
    ["cnnvd"]=>
    NULL
    ["cncve"]=>
    NULL
    ["cvss_score"]=>
    float(8.8)
    ["system"]=>
    string(18) "桌面操作系统"
    ["desc"]=>
    string(1545) "Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the `flatpak-portal` service that can allow sandboxed applications to execute arbitrary code on the host system (a sandbox escape). This sandbox-escape bug is present in versions from 0.11.4 and before fixed versions 1.8.5 and 1.10.0. The Flatpak portal D-Bus service (`flatpak-portal`, also known by its D-Bus service name `org.freedesktop.portal.Flatpak`) allows apps in a Flatpak sandbox to launch their own subprocesses in a new sandbox instance, either with the same security settings as the caller or with more restrictive security settings. For example, this is used in Flatpak-packaged web browsers such as Chromium to launch subprocesses that will process untrusted web content, and give those subprocesses a more restrictive sandbox than the browser itself. In vulnerable versions, the Flatpak portal service passes caller-specified environment variables to non-sandboxed processes on the host system, and in particular to the `flatpak run` command that is used to launch the new sandbox instance. A malicious or compromised Flatpak app could set environment variables that are trusted by the `flatpak run` command, and use them to execute arbitrary code that is not in a sandbox. As a workaround, this vulnerability can be mitigated by preventing the `flatpak-portal` service from starting, but that mitigation will prevent many Flatpak apps from working correctly. This is fixed in versions 1.8.5 and 1.10.0."
    ["date"]=>
    string(10) "2022-02-16"
    ["level"]=>
    string(6) "高危"
    ["package"]=>
    string(7) "flatpak"
    ["repair_version"]=>
    string(17) "1.2.5.1-0+deb10u4"
    ["repair"]=>
    string(48) "sudo apt update && sudo apt dist-upgrade"
    ["prove"]=>
    string(166) "执行命令apt policy PackageName获取软件包版本号，版本小于修复版本，则受此漏洞影响，版本大于等于修复版本，则此漏洞已修复"
    ["patch"]=>
    NULL
    ["references"]=>
    array(1) {
      [0]=>
      string(109) "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21261
https://nvd.nist.gov/vuln/detail/CVE-2021-21261"
    }
    ["createtime"]=>
    NULL
    ["updatetime"]=>
    int(0)
    ["deletetime"]=>
    NULL
    ["visible"]=>
    int(1)
    ["name"]=>
    NULL
    ["cvss_info"]=>
    NULL
    ["sys_type"]=>
    string(18) "桌面操作系统"
    ["repair_date"]=>
    NULL
    ["cve_name"]=>
    NULL
  }
  ["origin":protected]=>
  array(24) {
    ["id"]=>
    int(7212)
    ["cve_code"]=>
    string(14) "CVE-2021-21261"
    ["cnnvd"]=>
    NULL
    ["cncve"]=>
    NULL
    ["cvss_score"]=>
    float(8.8)
    ["system"]=>
    string(18) "桌面操作系统"
    ["desc"]=>
    string(1545) "Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the `flatpak-portal` service that can allow sandboxed applications to execute arbitrary code on the host system (a sandbox escape). This sandbox-escape bug is present in versions from 0.11.4 and before fixed versions 1.8.5 and 1.10.0. The Flatpak portal D-Bus service (`flatpak-portal`, also known by its D-Bus service name `org.freedesktop.portal.Flatpak`) allows apps in a Flatpak sandbox to launch their own subprocesses in a new sandbox instance, either with the same security settings as the caller or with more restrictive security settings. For example, this is used in Flatpak-packaged web browsers such as Chromium to launch subprocesses that will process untrusted web content, and give those subprocesses a more restrictive sandbox than the browser itself. In vulnerable versions, the Flatpak portal service passes caller-specified environment variables to non-sandboxed processes on the host system, and in particular to the `flatpak run` command that is used to launch the new sandbox instance. A malicious or compromised Flatpak app could set environment variables that are trusted by the `flatpak run` command, and use them to execute arbitrary code that is not in a sandbox. As a workaround, this vulnerability can be mitigated by preventing the `flatpak-portal` service from starting, but that mitigation will prevent many Flatpak apps from working correctly. This is fixed in versions 1.8.5 and 1.10.0."
    ["date"]=>
    string(10) "2022-02-16"
    ["level"]=>
    string(6) "高危"
    ["package"]=>
    string(7) "flatpak"
    ["repair_version"]=>
    string(17) "1.2.5.1-0+deb10u4"
    ["repair"]=>
    string(48) "sudo apt update && sudo apt dist-upgrade"
    ["prove"]=>
    string(166) "执行命令apt policy PackageName获取软件包版本号，版本小于修复版本，则受此漏洞影响，版本大于等于修复版本，则此漏洞已修复"
    ["patch"]=>
    NULL
    ["references"]=>
    string(109) "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21261
https://nvd.nist.gov/vuln/detail/CVE-2021-21261"
    ["createtime"]=>
    NULL
    ["updatetime"]=>
    int(0)
    ["deletetime"]=>
    NULL
    ["visible"]=>
    int(1)
    ["name"]=>
    NULL
    ["cvss_info"]=>
    NULL
    ["sys_type"]=>
    string(18) "桌面操作系统"
    ["repair_date"]=>
    NULL
    ["cve_name"]=>
    NULL
  }
  ["relation":protected]=>
  array(0) {
  }
  ["auto":protected]=>
  array(0) {
  }
  ["insert":protected]=>
  array(0) {
  }
  ["update":protected]=>
  array(0) {
  }
  ["dateFormat":protected]=>
  bool(false)
  ["type":protected]=>
  array(0) {
  }
  ["isUpdate":protected]=>
  bool(true)
  ["replace":protected]=>
  bool(false)
  ["force":protected]=>
  bool(false)
  ["updateWhere":protected]=>
  array(1) {
    ["id"]=>
    array(2) {
      [0]=>
      string(2) "eq"
      [1]=>
      string(4) "7212"
    }
  }
  ["failException":protected]=>
  bool(false)
  ["useGlobalScope":protected]=>
  bool(true)
  ["batchValidate":protected]=>
  bool(false)
  ["resultSetType":protected]=>
  string(5) "array"
  ["relationWrite":protected]=>
  NULL
}