pkg:Debian/snapd

共 23 筆 CVECRITICAL2HIGH14MEDIUM7

✅ 檢查你的版本

所有已知漏洞

  • CRITICAL10.0CVE-2023-1523Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it t…
    from 0
  • CRITICAL9.8CVE-2019-7304Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root.
    from 0, < 2.37.1-1
  • HIGH8.8CVE-2020-27352When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result…
    from 0, < 2.49-1
  • HIGH8.8CVE-2021-44730snapd - security update
    from 0, < 2.37.4-1+deb10u1
  • HIGH8.8CVE-2021-44730snapd - security update
    from 0, < 2.49-1+deb11u1
  • HIGH7.8CVE-2026-3888snapd - security update
    from 0, < 2.57.6-1+deb12u1
  • HIGH7.8CVE-2026-3888snapd - security update
    from 0
  • HIGH7.8CVE-2022-3328snapd - security update
    from 0, < 2.49-1+deb11u2
  • HIGH7.8CVE-2022-3328snapd - security update
    from 0, < 2.49-1+deb11u2
  • HIGH7.8CVE-2022-3328snapd - security update
    from 0, < 2.37.4-1+deb10u2
  • HIGH7.8CVE-2021-4120snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to injec…
    from 0, < 2.49-1+deb11u1
  • HIGH7.8CVE-2021-44731A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap.
    from 0, < 2.49-1+deb11u1
  • HIGH7.5CVE-2019-11503snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir() to the current working direct…
    from 0, < 2.40-1
  • HIGH7.5CVE-2019-11502snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user.
    from 0, < 2.40-1
  • HIGH7.5CVE-2019-7303A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a termi…
    from 0, < 2.37.4-1
  • HIGH7.5CVE-2017-14178In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivile…
    from 0, < 2.30-1
  • MEDIUM6.3CVE-2024-1724snapd failed to restrict writes to the $HOME/bin path in github.com/snapcore/snapd
    from 0
  • MEDIUM5.9CVE-2019-11840golang-go.crypto - security update
    from 0, < 2.21-2+deb9u1
  • MEDIUM5.9CVE-2020-11934It was discovered that snapctl user-open allowed altering the $XDG_DATA_DIRS environment variable when calling the system xdg-open.
    from 0, < 2.45.2-1
  • MEDIUM5.8CVE-2024-29068snapd failed to properly check the file type when extracting a snap in github.com/snapcore/snapd
    from 0
  • MEDIUM5.5CVE-2021-3155snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions.
    from 0
  • MEDIUM4.8CVE-2024-29069snapd failed to properly check the destination of symbolic links when extracting a snap in github.com/snapcore/snapd
    from 0
  • MEDIUM4.0CVE-2024-5138CVE-2024-5138 in github.com/snapcore/snapd
    from 0