Описание
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/focal | needs-triage | |
| esm-infra/bionic | needs-triage | |
| esm-infra/xenial | needs-triage | |
| jammy | DNE | |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
Показывать по
10
EPSS
Процентиль: 26%
0.00089
Низкий
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.3
nvd
4 месяца назад
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.
CVSS3: 5.3
debian
4 месяца назад
Information disclosure in image export API in Canonical LXD before 6.5 ...
github
4 месяца назад
Canonical LXD Project Existence Determination Through Error Handling in Image Export Function
EPSS
Процентиль: 26%
0.00089
Низкий
5.3 Medium
CVSS3