Описание
snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user. Consequently, that user had unintended access to a private /tmp directory.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.38+18.04 |
| cosmic | released | 2.38+18.10 |
| devel | not-affected | 2.38+19.04 |
| disco | released | 2.38+19.04 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needs-triage] |
| esm-infra/bionic | released | 2.38+18.04 |
| esm-infra/xenial | released | 2.38 |
| precise/esm | DNE | |
| trusty | released | 2.38~14.04 |
| trusty/esm | DNE | trusty was needs-triage |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user. Consequently, that user had unintended access to a private /tmp directory.
snap-confine in snapd before 2.38 incorrectly set the ownership of a s ...
snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user. Consequently, that user had unintended access to a private /tmp directory.
EPSS
5 Medium
CVSS2
7.5 High
CVSS3