Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
5DescriptionCVE.org
Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links.
Analysis
Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links.
Technical ContextAI
Path traversal allows an attacker to access files outside the intended directory by manipulating file paths with sequences like '../'.
RemediationAI
Validate and sanitize file path inputs. Use a whitelist of allowed files or directories. Implement chroot jails or containerization.
Cross-Site Request Forgery (CSRF) in LXD-UI in Canonical LXD versions >= 5.0 on Linux allows an attacker to create and s
Privilege Escalation in operations API in Canonical LXD <6.5 on multiple platforms allows attacker with read permissions
Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attack
A arbitrary file access vulnerability (CVSS 6.5) that allows an attacker with instance configuration permissions. Risk
Cross-guest storage-volume hijacking in Canonical LXD 6.6 through 6.8 lets an untrusted guest instance mount, read, and
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to d
Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remo
Path traversal in Canonical LXD LXD-UI versions before 6.5 and 5.21.4 on all platforms allows remote authenticated attac
Canonical LXD 6.6 on Linux contains an authorization bypass in the GET /1.0/certificates API endpoint that allows authen
Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust
Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was prese
Privilege escalation in Canonical LXD (versions 6.0-6.8, 5.21.0-5.21.4, and 5.0.0-5.0.6) allows an authenticated project
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allVendor StatusVendor
Ubuntu
Priority: Medium| Release | Status | Version |
|---|---|---|
| xenial | needs-triage | - |
| bionic | needs-triage | - |
| focal | needs-triage | - |
| jammy | DNE | - |
| noble | DNE | - |
| plucky | DNE | - |
| upstream | needs-triage | - |
| questing | DNE | - |
Debian
| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| trixie | fixed | 6.0.4-2+deb13u1 | - |
| trixie (security) | fixed | 6.0.4-2+deb13u4 | - |
| forky, sid | fixed | 6.0.5-8 | - |
| (unstable) | fixed | 6.0.5-1 | - |
| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| bookworm | fixed | 5.0.2-5+deb12u1 | - |
| bookworm (security) | fixed | 5.0.2-5+deb12u3 | - |
| trixie | fixed | 5.0.2+git20231211.1364ae4-9+deb13u1 | - |
| trixie (security) | fixed | 5.0.2+git20231211.1364ae4-9+deb13u3 | - |
| (unstable) | fixed | (unfixed) | - |
SUSE
Severity: Medium| Product | Status |
|---|---|
| openSUSE Tumbleweed | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-32640
GHSA-472f-vmf2-pr3h