CNNVD-202510-362 Information

CNNVD ID

CNNVD-202510-362

Related CVE

CVE-2025-54290

• CNNVD Published: 2025-10-02

Description (Chinese)

LXD是Canonical开源的一款基于Linux系统用于管理应用程序的容器。 LXD 6.5之前版本和5.21.4版本存在安全漏洞，该漏洞源于图像导出API未经验证，可能导致信息泄露。

Description (English)

LXD is an open-source section of Canonical based on the Linux system used to manage applications. There is a security loophole in previous versions of LXD 6.5 and 5.21.4, which stems from the unverified production of the API from the image, which could lead to the disclosure of information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

科能软件

Published

2025-10-02

Last Modified

2026-02-24

References

https://github.com/canonical/lxd/security/advisories/GHSA-p3x5-mvmp-5f35 https://vigilance.fr/vulnerability/Canonical-LXD-Incus-multiple-vulnerabilities-dated-17-10-2025-48518

Patch

https://github.com/canonical/lxd/releases