pkg:Go/github.com/canonical/lxd

21 total CVEs: CRITICAL 3, HIGH 2, MEDIUM 10, LOW 4

All known vulnerabilities

  • CRITICAL 9.1 | CVE-2026-34177 | LXD: VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf
    >= 0.0.0-20210305023314-538ac3df036e, <= 0.0.0-20260226085519-736f34afb267
  • CRITICAL 9.1 | CVE-2026-34178 | LXD: Importing a crafted backup leads to project restriction bypass
    >= 0.0.0-20210305023314-538ac3df036e, <= 0.0.0-20260226085519-736f34afb267
  • CRITICAL 9.1 | CVE-2026-34179 | LXD: Update of type field in restricted TLS certificate allows privilege escalation to cluster admin
    >= 0.0.0-20210305023314-538ac3df036e, <= 0.0.0-20260226085519-736f34afb267
  • HIGH 8.3 | CVE-2025-54286 | Canonical LXD CSRF Vulnerability When Using Client Certificate Authentication with the LXD-UI
    >= 5.0, < 5.0.5
  • HIGH 8.3 | CVE-2025-54286 | Canonical LXD CSRF Vulnerability When Using Client Certificate Authentication with the LXD-UI
    from 0
  • MEDIUM 6.8 | CVE-2025-54289 | Privilege Escalation via WebSocket Connection Hijacking in Operations API in github.com/canonical/lxd
    >= 4.0, < 5.21.4
  • MEDIUM 6.8 | CVE-2025-54289 | Privilege Escalation via WebSocket Connection Hijacking in Operations API in github.com/canonical/lxd
    from 0
  • MEDIUM 6.5 | CVE-2025-54293 | Canonical LXD Path Traversal Vulnerability in Instance Log File Retrieval Function in github.com/canonical/lxd
    >= 0.0.0-20200331193331-03aab09f5b5c, < 0.0.0-20250224180022-ec09b24179f3
  • MEDIUM 6.5 | CVE-2025-54293 | Canonical LXD Path Traversal Vulnerability in Instance Log File Retrieval Function in github.com/canonical/lxd
    >= 4.0, < 5.21.4
  • MEDIUM 5.3 | CVE-2025-54290 | Canonical LXD Project Existence Determination Through Error Handling in Image Export Function in github.com/canonical/lxd
    >= 4.0, < 5.21.4
  • MEDIUM 5.3 | CVE-2025-54290 | Canonical LXD Project Existence Determination Through Error Handling in Image Export Function in github.com/canonical/lxd
    >= 0.0.0-20200331193331-03aab09f5b5c, < 0.0.0-20250827065555-0494f5d47e41
  • MEDIUM 5.3 | CVE-2025-54291 | Canonical LXD Project Existence Determination Through Error Handling in Image Get Function in github.com/canonical/lxd
    >= 4.0, < 5.21.4
  • MEDIUM 5.3 | CVE-2025-54291 | Canonical LXD Project Existence Determination Through Error Handling in Image Get Function in github.com/canonical/lxd
    >= 0.0.0-20200331193331-03aab09f5b5c, < 0.0.0-20250827065555-0494f5d47e41
  • MEDIUM 4.1 | CVE-2025-54288 | Canonical LXD Source Container Identification Vulnerability via cmdline Spoofing in devLXD Server in github.com/canonical/lxd
    >= 4.0, < 5.21.4
  • MEDIUM 4.1 | CVE-2025-54288 | Canonical LXD Source Container Identification Vulnerability via cmdline Spoofing in devLXD Server in github.com/canonical/lxd
    >= 0.0.0-20200331193331-03aab09f5b5c, < 0.0.0-20250827065555-0494f5d47e41
  • LOW 3.8 | CVE-2024-6156 | CA certificate sign check bypass in github.com/canonical/lxd
    from 0, < 0.0.0-20240708073652-5a492a3f0036
  • LOW 3.8 | CVE-2024-6156 | CA certificate sign check bypass in github.com/canonical/lxd
    from 0, < 0.0.0-20240708073652-5a492a3f0036
  • LOW 3.8 | CVE-2024-6219 | lxd has a restricted TLS certificate privilege escalation when in PKI mode
    from 0, < 0.0.0-20240403103450-0e7f2b5bf4d2
  • LOW 3.8 | CVE-2024-6219 | lxd has a restricted TLS certificate privilege escalation when in PKI mode
    from 0, < 0.0.0-20240403103450-0e7f2b5bf4d2
  • CVE-2026-3351 | lxd's non-recursive certificate listing bypasses per-object authorization and leaks all fingerprints
    from 0
  • CVE-2026-3351 | lxd's non-recursive certificate listing bypasses per-object authorization and leaks all fingerprints
    from 0, < 0.0.0-20260224152359-d936c90d47cf