Vulnerabilities > Canonical > Snapd > 2.57.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-25 | CVE-2024-29068 | Unspecified vulnerability in Canonical Snapd In snapd versions prior to 2.62, snapd failed to properly check the file type when extracting a snap. | 6.6 |
2024-07-25 | CVE-2024-29069 | Link Following vulnerability in Canonical Snapd In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. | 7.3 |
2024-07-25 | CVE-2024-1724 | Incorrect Permission Assignment for Critical Resource vulnerability in Canonical Snapd In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. | 8.2 |
2024-01-08 | CVE-2022-3328 | Race Condition vulnerability in Canonical Snapd and Ubuntu Linux Race condition in snap-confine's must_mkdir_and_open_with_perms() | 7.0 |
2023-09-01 | CVE-2023-1523 | Injection vulnerability in Canonical Snapd Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. | 10.0 |