Canonical

Juju

10 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty in its original format.
Exploit
  • EPSS 0.32%
  • Published 08.07.2025 17:20:04
  • Last modified 26.08.2025 17:54:53

In Juju versions prior to 3.6.8 and 2.9.52, any authenticated controller user was allowed to upload arbitrary agent binaries to any model or to the controller itself, without verifying model membership or requiring explicit permissions. This enabled ...

Exploit
  • EPSS 0.08%
  • Published 08.07.2025 16:57:06
  • Last modified 26.08.2025 17:54:43

The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gai...

Exploit
  • EPSS 0.04%
  • Published 08.07.2025 16:47:44
  • Last modified 26.08.2025 17:54:14

The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information.

  • EPSS 0.15%
  • Published 31.01.2025 02:15:28
  • Last modified 26.08.2025 17:48:55

An authenticated user who has read access to the juju controller model may construct a remote request to download an arbitrary file from the controller's filesystem.

Exploit
  • EPSS 0.02%
  • Published 02.10.2024 11:15:11
  • Last modified 26.08.2025 17:42:37

JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJU_CONTEXT...

  • EPSS 0.01%
  • Published 02.10.2024 11:15:11
  • Last modified 26.08.2025 17:48:44

Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and...

  • EPSS 0.01%
  • Published 02.10.2024 11:15:11
  • Last modified 26.08.2025 17:44:59

Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks.

Exploit
  • EPSS 0.1%
  • Published 29.07.2024 14:15:04
  • Last modified 21.11.2024 09:50:41

An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive data or relation accessible to the local charm.

  • EPSS 0.36%
  • Published 22.04.2019 16:29:00
  • Last modified 21.11.2024 02:25:09

Juju Core's Joyent provider before version 1.25.5 uploads the user's private ssh key.

Exploit
  • EPSS 81.61%
  • Published 28.05.2017 00:29:00
  • Last modified 20.04.2025 01:37:25

Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.