CVE-2025-54291

Published October 2nd, 2025

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses.

canonical/lxd

Powerful system container and virtual machine manager

GitHub

4.77K