snap-confine in snapd prior to 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user. Consequently, that user had unintended access to a private /tmp directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical snapd |