CVE-2025-53512

Опубликовано: 08 июл. 2025

Источник: debian

EPSS Низкий

Описание

The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
juju	removed			package

EPSS

Процентиль: 15%

0.00047

Низкий

Связанные уязвимости

CVE-2025-53512

CVSS3: 6.5

ubuntu

7 месяцев назад

The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information.

CVE-2025-53512

CVSS3: 6.5

nvd

7 месяцев назад

The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information.

GHSA-r64v-82fh-xc63

CVSS3: 6.5

github

7 месяцев назад

Juju vulnerable to sensitive log retrieval via authenticated endpoint without authorization

EPSS

Процентиль: 15%

0.00047

Низкий