pkg:Debian/lxd

所有已知漏洞

• CRITICAL9.9CVE-2026-33897Incus vulnerable to arbitrary file read and write through pongo templates in github.com/lxc/incus
  from 0, < 5.0.2-5+deb12u4
• CRITICAL9.1CVE-2026-34177LXD: VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf
  from 0, < 5.0.2-5+deb12u5
• CRITICAL9.1CVE-2026-34178LXD: Importing a crafted backup leads to project restriction bypass
  from 0
• CRITICAL9.1CVE-2026-34179LXD: Update of type field in restricted TLS certificate allows privilege escalation to cluster admin
  from 0, < 5.0.2-5+deb12u5
• HIGH8.7CVE-2026-23954Incus container image templating arbitrary host file read and write in github.com/lxc/incus
  from 0, < 5.0.2-5+deb12u3
• HIGH8.7CVE-2026-23953Incus container environment configuration newline injection
  from 0, < 5.0.2-5+deb12u3
• HIGH8.7CVE-2026-23953Incus container environment configuration newline injection
  from 0, < 5.0.2-5+deb12u3
• HIGH8.3CVE-2025-54286Canonical LXD CSRF Vulnerability When Using Client Certificate Authentication with the LXD-UI
  from 0, < 5.0.2-5+deb12u1
• HIGH8.3CVE-2025-54286Canonical LXD CSRF Vulnerability When Using Client Certificate Authentication with the LXD-UI
  from 0, < 5.0.2-5+deb12u1
• HIGH7.8CVE-2025-64507Incus vulnerable to local privilege escalation through custom storage volumes
  from 0, < 5.0.2-5+deb12u2
• HIGH7.8CVE-2025-64507Incus vulnerable to local privilege escalation through custom storage volumes
  from 0, < 5.0.2-5+deb12u2
• MEDIUM6.8CVE-2025-54289Privilege Escalation via WebSocket Connection Hijacking in Operations API in github.com/canonical/lxd
  from 0
• MEDIUM6.5CVE-2026-41684Incus has Nil Dereferences on Restore via Malformed YAML
  from 0, < 5.0.2-5+deb12u6
• MEDIUM6.5CVE-2026-40251Incus Vulnerable to Panic via Snapshot Bounds Check
  from 0, < 5.0.2-5+deb12u6
• MEDIUM6.5CVE-2026-40197Incus has a Nil-Pointer Dereference via Custom Volume Import
  from 0, < 5.0.2-5+deb12u6
• MEDIUM6.5CVE-2025-54287Canonical LXD Arbitrary File Read via Template Injection in Snapshot Patterns in github.com/lxc/lxd
  from 0, < 5.0.2-5+deb12u1
• MEDIUM6.5CVE-2025-54293Canonical LXD Path Traversal Vulnerability in Instance Log File Retrieval Function in github.com/canonical/lxd
  from 0, < 5.0.2-5+deb12u1
• MEDIUM5.3CVE-2025-54290Canonical LXD Project Existence Determination Through Error Handling in Image Export Function in github.com/canonical/lxd
  from 0
• MEDIUM5.3CVE-2025-54291Canonical LXD Project Existence Determination Through Error Handling in Image Get Function in github.com/canonical/lxd
  from 0
• MEDIUM5.0CVE-2026-41648Incus has Unbounded YAML Metadata Decode via Parsing
  from 0, < 5.0.2-5+deb12u6
• MEDIUM4.8CVE-2026-33542Incus does not verify combined fingerprint when downloading images from simplestreams servers in github.com/lxc/incus
  from 0, < 5.0.2-5+deb12u4
• MEDIUM4.3CVE-2026-41685Incus is affected by unbounded binary import disk exhaustion
  from 0, < 5.0.2-5+deb12u6
• MEDIUM4.1CVE-2025-54288Canonical LXD Source Container Identification Vulnerability via cmdline Spoofing in devLXD Server in github.com/canonical/lxd
  from 0, < 5.0.2-5+deb12u1
• LOW3.8CVE-2024-6156CA certificate sign check bypass in github.com/canonical/lxd
  from 0
• —CVE-2026-48756(無摘要)
  from 0
• —CVE-2026-28384lxd - security update
  from 0, < 5.0.2-5+deb12u4
• —CVE-2026-28384lxd - security update
  from 0, < 5.0.2-5+deb12u4
• —CVE-2025-54292Path traversal in Canonical LXD LXD-UI versions before 6.5 and 5.21.4 on all platforms allows remote authenticated attackers to access or m…
  from 0