8 matches found
CVE-2025-32917
Privilege escalation in jarsignature agent plugin in Checkmk versions 2.4.0b7 beta, 2.3.0p32, 2.2.0p42, and 2.1.0p49 EOL allow user with write access to JAVAHOME/bin directory to escalate privileges...
GO-2024-3007 snapd failed to restrict writes to the $HOME/bin path in github.com/snapcore/snapd
snapd failed to restrict writes to the $HOME/bin path in github.com/snapcore/snapd. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners,...
Incorrect Permission Assignment For Critical Resource
github.com/snapcore/snapd is vulnerable to Incorrect Permission Assignment for Critical Resource. The vulnerability is due to the improper restriction of writes to the $HOME/bin path. An attacker can execute arbitrary scripts outside of the expected snap sandbox, potentially allowing them to esca...
GHSA-4MH8-9689-38VR snapd failed to restrict writes to the $HOME/bin path
In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to the users PATH. An attacker who could convince a user to install a malicious snap whic...
DEBIAN-CVE-2024-1724
In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to the users PATH. An attacker who could convince a user to install a malicious snap whic...
snapd 安全漏洞
snapd is a cross-platform package management tool open-sourced by snapcore. Enables systems to use .snap files. A security vulnerability exists in snapd versions prior to 2.62 that stems from the inability to restrict writes to the $HOME/bin path when sandboxing permissions is enforced using...
CVE-2024-1724
In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to the users PATH. An attacker who could convince a user to install a malicious snap whic...
PT-2024-18253 · Canonical +2 · Snapd +3
Name of the Vulnerable Software and Affected Versions: snapd versions prior to 2.62 Description: The issue arises when using AppArmor for enforcement of sandbox permissions in snapd. It failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to...