📦 Snapd

A privilege escalation vulnerability in snapd's systemd service unit generation allows Docker containers within snaps to gain unintended privileges. When systemd reloads units without Delegate=yes, co...

This vulnerability allows malicious snaps to inject terminal input via TIOCLINUX ioctl, potentially executing arbitrary commands outside the snap sandbox after the snap exits. Only affects snaps runni...

CVE-2022-3328 is a race condition vulnerability in snap-confine's must_mkdir_and_open_with_perms() function that could allow local privilege escalation. Attackers could exploit this to gain root privi...

CVE-2021-44730 is a privilege escalation vulnerability in snapd where improper validation of the snap-confine binary location allows local attackers to create hardlinks to arbitrary binaries. When exp...

This vulnerability in snapd allows malicious snaps to bypass strict confinement by injecting arbitrary AppArmor policy rules through malformed content interface and layout declarations. It affects sys...

A symbolic link vulnerability in snapd versions before 2.62 allows attackers to write privileged information to world-readable directories. Attackers can exploit this by creating malicious snaps with ...

This vulnerability in snapd versions before 2.62 allows malicious snaps with 'home' plug permissions to write arbitrary scripts to the user's $HOME/bin directory. Since Ubuntu automatically adds this ...