7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.1 High
AI Score
Confidence
Low
3.5 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:S/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
8.4%
Race condition in snap-confineβs must_mkdir_and_open_with_perms()
CPE | Name | Operator | Version |
---|---|---|---|
github.com/snapcore/snapd | lt | 2.57.6 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3328
github.com/advisories/GHSA-cjqf-877p-7m3f
github.com/snapcore/snapd/commit/21ebc51f00b8a1417888faa2e83a372fd29d0f5e
github.com/snapcore/snapd/commit/6226cdc57052f4b7057d92f2e549aa169e35cd2d
github.com/snapcore/snapd/pull/12380
nvd.nist.gov/vuln/detail/CVE-2022-3328
ubuntu.com/security/notices/USN-5753-1
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.1 High
AI Score
Confidence
Low
3.5 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:S/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
8.4%