Описание
Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/focal | needs-triage | |
| esm-infra/bionic | needs-triage | |
| esm-infra/xenial | needs-triage | |
| jammy | DNE | |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
Показывать по
10
EPSS
Процентиль: 25%
0.00087
Низкий
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.3
nvd
4 месяца назад
Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses.
CVSS3: 5.3
debian
4 месяца назад
Information disclosure in images API in Canonical LXD before 6.5 and 5 ...
CVSS3: 5.3
github
4 месяца назад
Canonical LXD Project Existence Determination Through Error Handling in Image Get Function
EPSS
Процентиль: 25%
0.00087
Низкий
5.3 Medium
CVSS3