Canonical

Lxd

19 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty in its original format.
Exploit
  • EPSS 0.12%
  • Published 09.04.2026 09:22:14
  • Last modified 22.04.2026 20:51:25

In Canonical LXD versions 4.12 through 6.7, the doCertificateUpdate function in lxd/certificates.go does not validate the Type field when handling PUT/PATCH requests to /1.0/certificates/{fingerprint} for restricted TLS certificate users, allowing a ...

Exploit
  • EPSS 0.05%
  • Published 09.04.2026 09:18:58
  • Last modified 22.04.2026 20:55:16

In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a separate file in the same archive that is never che...

  • EPSS 0.16%
  • Published 09.04.2026 09:15:27
  • Last modified 22.04.2026 20:57:22

Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go), which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.l...

Media report
  • EPSS 0.15%
  • Published 12.03.2026 14:51:29
  • Last modified 13.03.2026 19:54:31

An improper sanitization of the compression_algorithm parameter in Canonical LXD allows an authenticated, unprivileged user to execute commands as the LXD daemon on the LXD server via API calls to the image and backup endpoints. This issue affected L...

Exploit
  • EPSS 0.03%
  • Published 03.03.2026 13:16:21
  • Last modified 11.03.2026 18:41:28

Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server.

Exploit
  • EPSS 0.08%
  • Published 02.10.2025 11:15:30
  • Last modified 10.12.2025 19:31:47

Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links.

Exploit
  • EPSS 0.04%
  • Published 02.10.2025 10:15:39
  • Last modified 24.10.2025 14:34:37

Privilege Escalation in operations API in Canonical LXD <6.5 on multiple platforms allows attacker with read permissions to hijack terminal or console sessions and execute arbitrary commands via WebSocket connection hijacking format

Exploit
  • EPSS 0.04%
  • Published 02.10.2025 10:15:39
  • Last modified 10.12.2025 19:29:48

Path traversal in Canonical LXD LXD-UI versions before 6.5 and 5.21.4 on all platforms allows remote authenticated attackers to access or modify unintended resources via crafted resource names embedded in URL paths.

Exploit
  • EPSS 0.11%
  • Published 02.10.2025 10:15:39
  • Last modified 24.10.2025 14:11:07

Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses.

Exploit
  • EPSS 0.12%
  • Published 02.10.2025 10:15:39
  • Last modified 24.10.2025 14:20:05

Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.