CVE-2019-11502

Published April 24th, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

MEDIUM

Affected

PROJECT

Description

snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user. Consequently, that user had unintended access to a private /tmp directory.

canonical/snapd

The snapd and snap tools enable systems to work with .snap files.

GitHub

2.03K