Vulnerabilities > Canonical > Ubuntu Core Launcher > Critical

DATE CVE VULNERABILITY TITLE RISK
2016-05-13 CVE-2016-1580 Permissions, Privileges, and Access Controls vulnerability in Canonical Ubuntu-Core-Launcher 1.0.27
The setup_snappy_os_mounts function in the ubuntu-core-launcher package before 1.0.27.1 improperly determines the mount point of bind mounts when using snaps, which might allow remote attackers to obtain sensitive information or gain privileges via a snap with a name starting with "ubuntu-core."
network
low complexity
canonical CWE-264
critical
9.8