CNNVD-202507-1152 Information

CNNVD ID

CNNVD-202507-1152

Related CVE

CVE-2025-0928

• CNNVD Published: 2025-07-08

Description (Chinese)

Juju是Canonical Juju开源的一个开源应用程序编排引擎。 Juju 3.6.8之前版本和2.9.52之前版本存在安全漏洞，该漏洞源于允许上传任意代理二进制文件，可能导致远程代码执行。

Description (English)

Juju is an open source application layout engine at Canonical Juju Open Source. There is a security gap in the previous version of Juju 3.6.8 and the previous version of 2.9.52, which stems from allowing the uploading of arbitrary proxy binary files, which may lead to remote code execution.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Canonical Juju

Published

2025-07-08

Last Modified

2026-02-24

References

https://github.com/juju/juju/security/advisories/GHSA-4vc8-wvhw-m5gv https://access.redhat.com/security/cve/cve-2025-0928 https://nvd.nist.gov/vuln/detail/CVE-2025-0928

Patch

https://github.com/juju/juju/releases