| CVE-2024-5138 |
unknown |
— |
— |
|
|
|
1y ago |
The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse … |
| CVE-2024-1724 |
unknown |
— |
— |
|
|
|
2y ago |
In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatica… |
| CVE-2024-29068 |
unknown |
— |
— |
|
|
|
2y ago |
In snapd versions prior to 2.62, snapd failed to properly check the file type when extracting a snap. The snap format is a squashfs file-system image and so can contain files that are non-regular fil… |
| CVE-2024-29069 |
unknown |
— |
— |
|
|
|
2y ago |
In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic … |
| CVE-2022-3328 |
unknown |
— |
— |
|
|
|
2y ago |
Race condition in snap-confine's must_mkdir_and_open_with_perms() |