In both cases, the packages are owned by the same people? (Fun fact: mozilla actually owns both the Firefox snap and the firefox package in the Ubuntu repos.) I'm non sure how that "potentially introduces vulnerabilities" any more than "having a package which has dependencies" does.
I'm not sure what you're referring to with Docker. Canonical provides both the docker.io
package in apt and the docker
snap. Personally I use the snap on my machine because I need to be able to easily switch versions for my development work.
Hold on, have I fallen for Poe's law?