CNNVD-202510-360 Information

CNNVD ID

CNNVD-202510-360

Related CVE

CVE-2025-54292

• CNNVD Published: 2025-10-02

Description (Chinese)

LXD是Canonical开源的一款基于Linux系统用于管理应用程序的容器。 LXD 6.5之前版本和5.21.4版本存在安全漏洞，该漏洞源于URL路径中嵌入特制资源名称，可能导致路径遍历攻击。

Description (English)

LXD is an open-source section of Canonical based on the Linux system used to manage applications. There is a security loophole in the previous version of LXD 6.5 and in the version of 5.21.4, which stems from the embedding of a unique resource name in the URL path, which could lead to a path attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

科能软件

Published

2025-10-02

Last Modified

2026-02-24

References

https://github.com/canonical/lxd/security/advisories/GHSA-7425-4qpj-v4w3

Patch

https://github.com/canonical/lxd