CVE-2025-54290

Published October 2nd, 2025

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.

canonical/lxd

Powerful system container and virtual machine manager

GitHub

4.77K