Authentication Bypass
github.com/snapcore/snapweb is vulnerable to authentication bypass. The identity of the user and the origin of a connection is not verified before allowing controls to install or remove snap packages. An unauthenticated remote attacker is able to add a malicious snap package from the store and us...