Описание
Path traversal in Canonical LXD LXD-UI versions before 6.5 and 5.21.4 on all platforms allows remote authenticated attackers to access or modify unintended resources via crafted resource names embedded in URL paths.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/focal | not-affected | installs LXD snap |
| esm-infra/bionic | not-affected | no web UI |
| esm-infra/xenial | not-affected | no web UI |
| jammy | DNE | |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
Показывать по
10
4.6 Medium
CVSS3
Связанные уязвимости
CVSS3: 4.6
nvd
4 месяца назад
Path traversal in Canonical LXD LXD-UI versions before 6.5 and 5.21.4 on all platforms allows remote authenticated attackers to access or modify unintended resources via crafted resource names embedded in URL paths.
4.6 Medium
CVSS3