漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user. Consequently, that user had unintended access to a private /tmp directory.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Canonical snapd 后置链接漏洞
Vulnerability Description
Canonical snapd是英国科能(Canonical)公司的一套软件部署和包管理系统。 Canonical snapd 2.38之前版本中的snap-confine存在后置链接漏洞。该漏洞源于网络系统或产品未正确过滤表示非预期资源的链接或者快捷方式的文件名。攻击者可利用该漏洞访问非法的文件路径。
CVSS Information
N/A
Vulnerability Type
N/A