CVE |
Vendors |
Products |
Updated |
CVSS |
CVE-2019-7304 |
1 Canonical |
2 Ubuntu Linux, Snapd |
2019-10-09 |
10.0 |
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1. |
CVE-2019-7303 |
1 Canonical |
2 Ubuntu Linux, Snapd |
2019-10-09 |
5.0 |
A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl(2) commands on a 64-bit... |
CVE-2019-11503 |
1 Canonical |
1 Snapd |
2019-07-13 |
5.0 |
snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir() to the current working directory of the calling user, aka a "cwd restore permission bypass." |