Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
snapd created ~/snap with too-wide permissions
Vulnerability Description
snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Vulnerability Type
缺省权限不正确
Vulnerability Title
snapd 安全漏洞
Vulnerability Description
Snapd是开源的一个跨平台的包管理工具。 snapd 2.54.2及其更早版本存在安全漏洞,该漏洞源于软件在用户的主目录中创建~ snap目录,而没有指定仅属于所有者的权限。这可能允许本地攻击者可利用该漏洞读取本应是私有的信息。
CVSS Information
N/A
Vulnerability Type
N/A