VYPR
Unrated severityOSV Advisory· Published Apr 24, 2019· Updated Aug 4, 2024

CVE-2019-11503

CVE-2019-11503

Description

snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir() to the current working directory of the calling user, aka a "cwd restore permission bypass."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Snapcore/SnapdOSV2 versions
    1.0-0ubuntu1, 1.0.1-0ubuntu1, 1.1-0ubuntu1, …+ 1 more
    • (no CPE)range: 1.0-0ubuntu1, 1.0.1-0ubuntu1, 1.1-0ubuntu1, …
    • (no CPE)range: <2.39

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.