Lucene search
K

8 matches found

Circl
Circl
added 2020/07/29 8:55 p.m.6 views

CVE-2020-11934

creationtimestamp| type| source ---|---|--- 2020-07-29 20:55:26+00:00| seen| https://t.me/cibsecurity/13739 2026-07-08 11:11:39+00:00| seen| https://gist.github.com/julian-klode/eb0381c1cb2cec713ba78d7462ad6167...

5.9CVSS6.1AI score0.00365EPSS
Exploits0References2
NVD
NVD
added 2020/07/29 5:15 p.m.28 views

CVE-2020-11934

It was discovered that snapctl user-open allowed altering the $XDGDATADIRS environment variable when calling the system xdg-open. OpenURL in usersession/userd/launcher.go would alter $XDGDATADIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this t...

5.9CVSS6.3AI score0.00365EPSS
Exploits0References2
OSV
OSV
added 2020/07/29 5:15 p.m.8 views

CVE-2020-11934

It was discovered that snapctl user-open allowed altering the $XDGDATADIRS environment variable when calling the system xdg-open. OpenURL in usersession/userd/launcher.go would alter $XDGDATADIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this t...

5.9CVSS5.7AI score
Exploits0References2
CVE
CVE
added 2020/07/29 4:25 p.m.90 views

CVE-2020-11934

CVE-2020-11934 concerns snapd’s snapctl user-open path where OpenURL() manipulates the XDG_DATA_DIRS environment variable, allowing a malicious snap to influence how host xdg-open opens URLs and potentially run a script within the snap with confinement bypass. The issue did not affect Ubuntu Core...

5.9CVSS6.1AI score0.00365EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/07/16 12:0 a.m.34 views

Fedora 31 : snapd (2020-ccb155ea2c)

Update to v2.45.2 to fix CVE-2020-11933 and CVE-2020-11934 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

7.3CVSS6.2AI score0.00365EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/07/16 12:0 a.m.33 views

Fedora 32 : snapd (2020-7685deba9b)

Update to v2.45.2 to fix CVE-2020-11933 and CVE-2020-11934 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

7.3CVSS6.2AI score0.00365EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/07/16 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-4424-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS6.7AI score0.00365EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2020/07/15 12:0 p.m.34 views

CVE-2020-11934

It was discovered that snapctl user-open allowed altering the $XDGDATADIRS environment variable when calling the system xdg-open. OpenURL in usersession/userd/launcher.go would alter $XDGDATADIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this t...

5.9CVSS6.6AI score0.00365EPSS
Exploits0References2
Rows per page
Query Builder