Vulnerabilities > Canonical > Snapd > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-25 | CVE-2024-29068 | Unspecified vulnerability in Canonical Snapd In snapd versions prior to 2.62, snapd failed to properly check the file type when extracting a snap. | 6.6 |
| 2020-07-29 | CVE-2020-11933 | Unspecified vulnerability in Canonical Snapd cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. | 4.6 |
| 2019-04-24 | CVE-2019-11502 | Link Following vulnerability in Canonical Snapd snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user. | 5.0 |
| 2019-04-23 | CVE-2019-7303 | Unspecified vulnerability in Canonical Snapd and Ubuntu Linux A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. | 5.0 |