Описание
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/focal | not-affected | installs LXD snap |
| esm-infra/bionic | not-affected | see notes |
| esm-infra/xenial | not-affected | see notes |
| jammy | DNE | |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
Показывать по
10
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.3
nvd
4 месяца назад
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.
CVSS3: 5.3
debian
4 месяца назад
Information disclosure in image export API in Canonical LXD before 6.5 ...
github
4 месяца назад
Canonical LXD Project Existence Determination Through Error Handling in Image Export Function
5.3 Medium
CVSS3