Snapd

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-25	CVE-2024-29068	Unspecified vulnerability in Canonical Snapd In snapd versions prior to 2.62, snapd failed to properly check the file type when extracting a snap. local low complexity canonical	6.6
2024-07-25	CVE-2024-29069	Link Following vulnerability in Canonical Snapd In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. local low complexity canonical CWE-59	7.3
2024-07-25	CVE-2024-1724	Incorrect Permission Assignment for Critical Resource vulnerability in Canonical Snapd In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. local low complexity canonical CWE-732	8.2
2024-01-08	CVE-2022-3328	Race Condition vulnerability in Canonical Snapd and Ubuntu Linux Race condition in snap-confine's must_mkdir_and_open_with_perms() local high complexity canonical CWE-362	7.0
2023-09-01	CVE-2023-1523	Injection vulnerability in Canonical Snapd Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. network low complexity canonical CWE-74 critical	10.0
2022-02-17	CVE-2021-3155	Incorrect Default Permissions vulnerability in Canonical Snapd snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions. local low complexity canonical CWE-276	2.1
2022-02-17	CVE-2021-44730	Link Following vulnerability in multiple products snapd 2.54.2 did not properly validate the location of the snap-confine binary. local low complexity canonical fedoraproject debian CWE-59	8.8
2022-02-17	CVE-2021-44731	Race Condition vulnerability in multiple products A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. local high complexity canonical fedoraproject debian CWE-362	7.8
2022-02-17	CVE-2021-4120	Improper Input Validation vulnerability in multiple products snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. local low complexity canonical fedoraproject CWE-20	7.8
2020-07-29	CVE-2020-11933	Unspecified vulnerability in Canonical Snapd cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. local low complexity canonical	4.6