CVE-2019-11503

EPSS 0.45% · P64 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-11503

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir() to the current working directory of the calling user, aka a "cwd restore permission bypass."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Canonical snapd 后置链接漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Canonical snapd是英国科能（Canonical）公司的一套软件部署和包管理系统。 Canonical snapd 2.39之前版本中的snap-confine存在安全漏洞。攻击者可利用该漏洞访问到容器的任意目录。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2019-11503

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2019-11503

请登录查看更多情报信息。

cmd/snap-confine: prevent cwd restore permission bypass by zyga · Pull Request #6642 · canonical/snapd · GitHubx_refsource_MISC
https://www.openwall.com/lists/oss-security/2019/04/18/4x_refsource_MISC
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6VACEKVQ7UAZ32WO4ZKCFW6YOBSYJ76L/vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPU6APEZHAA7N2AI57OT4J2P7NKHFOLM/vendor-advisoryx_refsource_FEDORA
https://nvd.nist.gov/vuln/detail/CVE-2019-11503

Same Patch Batch · n/a · 2019-04-24 · 31 CVEs total

CVE-2019-9635		TensorFlow 代码问题漏洞
CVE-2018-7575		Google TensorFlow 输入验证错误漏洞
CVE-2019-11506		GraphicsMagick 缓冲区错误漏洞
CVE-2019-11505		GraphicsMagick 缓冲区错误漏洞
CVE-2019-11504		Zotonic 跨站脚本漏洞
CVE-2018-18251		Deltek Vision SQL注入漏洞
CVE-2018-20434		LibreNMS 操作系统命令注入漏洞
CVE-2019-11502		Canonical snapd 后置链接漏洞
CVE-2017-18367		libseccomp libseccomp-golang 输入验证错误漏洞
CVE-2019-11218		Jakub Chodounsky Bonobo Git Server 代码问题漏洞
CVE-2019-11217		Jakub Chodounsky Bonobo Git Server 命令注入漏洞
CVE-2019-10008		ZOHO ManageEngine ServiceDesk Plus 授权问题漏洞
CVE-2019-9951		多款Western Digital产品代码问题漏洞
CVE-2019-9950		多款Western Digital产品授权问题漏洞
CVE-2019-10691		Dovecot 授权问题漏洞
CVE-2019-7214		SmarterTools SmarterMail 代码问题漏洞
CVE-2018-10055		TensorFlow 缓冲区错误漏洞
CVE-2018-7577		Google TensorFlow Google Snappy library 输入验证错误漏洞
CVE-2019-11032		EasyToRecruit 跨站脚本漏洞
CVE-2019-9928		GStreamer 缓冲区错误漏洞

Showing top 20 of 31 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2019-11503

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2019-11503

I. Basic Information for CVE-2019-11503

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2019-11503

III. Intelligence Information for CVE-2019-11503

Same Patch Batch · n/a · 2019-04-24 · 31 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2019-11503

Leave a comment