Количество 4
Количество 4
CVE-2025-53513
The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through the affected charm.
CVE-2025-53513
The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through the affected charm.
CVE-2025-53513
The /charms endpoint on a Juju controller lacked sufficient authorizat ...
GHSA-24ch-w38v-xmh8
Juju zip slip vulnerability via authenticated endpoint
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-53513 The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through the affected charm. | CVSS3: 8.8 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-53513 The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through the affected charm. | CVSS3: 8.8 | 0% Низкий | 7 месяцев назад |
| CVE-2025-53513 The /charms endpoint on a Juju controller lacked sufficient authorizat ... | CVSS3: 8.8 | 0% Низкий | 7 месяцев назад |
| GHSA-24ch-w38v-xmh8 Juju zip slip vulnerability via authenticated endpoint | CVSS3: 8.8 | 0% Низкий | 7 месяцев назад |
Уязвимостей на страницу