| Bug | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2024-29069 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | In snapd versions prior to 2.62, snapd failed to properly check the de ... |
| CVE-2024-29068 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | In snapd versions prior to 2.62, snapd failed to properly check the fi ... |
| CVE-2024-5138 | fixed | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | The snapctl component within snapd allows a confined snap to interact ... |
| CVE-2024-1724 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | In snapd versions prior to 2.62, when using AppArmor for enforcement o ... |
| CVE-2023-1523 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Using the TIOCLINUX ioctl request, a malicious snap could inject conte ... |
| CVE-2021-4120 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | snapd 2.54.2 fails to perform sufficient validation of snap content in ... |
| CVE-2021-3155 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | snapd 2.54.2 and earlier created ~/snap directories in user home direc ... |
| CVE-2020-27352 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | When generating the systemd service units for the docker snap (and oth ... |
| CVE-2020-11934 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | It was discovered that snapctl user-open allowed altering the $XDG_DAT ... |
| CVE-2019-11503 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | snap-confine as included in snapd before 2.39 did not guard against sy ... |
| CVE-2019-11502 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | snap-confine in snapd before 2.38 incorrectly set the ownership of a s ... |
| CVE-2019-7303 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | A vulnerability in the seccomp filters of Canonical snapd before versi ... |