Описание
snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.54.3+18.04 |
| devel | released | 2.54.3+22.04.1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was released [2.54.3+14.04~esm1] |
| esm-infra/bionic | released | 2.54.3+18.04 |
| esm-infra/focal | released | 2.54.3+20.04.1 |
| esm-infra/xenial | released | 2.54.3+16.04~esm2 |
| focal | released | 2.54.3+20.04.1 |
| groovy | ignored | end of life |
| hirsute | ignored | end of life |
| impish | released | 2.54.3+21.10.1 |
Показывать по
EPSS
2.1 Low
CVSS2
3.8 Low
CVSS3
Связанные уязвимости
snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1
snapd 2.54.2 and earlier created ~/snap directories in user home direc ...
snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1
EPSS
2.1 Low
CVSS2
3.8 Low
CVSS3