Описание
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/focal | not-affected | installs LXD snap |
| esm-infra/bionic | not-affected | see notes |
| esm-infra/xenial | not-affected | see notes |
| jammy | DNE | |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
Показывать по
10
EPSS
Процентиль: 26%
0.00091
Низкий
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.3
nvd
6 месяцев назад
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.
CVSS3: 5.3
debian
6 месяцев назад
Information disclosure in image export API in Canonical LXD before 6.5 ...
github
6 месяцев назад
Canonical LXD Project Existence Determination Through Error Handling in Image Export Function
EPSS
Процентиль: 26%
0.00091
Низкий
5.3 Medium
CVSS3