CVE-2025-54292

Published October 2nd, 2025

View on NVD ↗

CVSS v3

4.6

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Path traversal in Canonical LXD LXD-UI versions before 6.5 and 5.21.4 on all platforms allows remote authenticated attackers to access or modify unintended resources via crafted resource names embedded in URL paths.

canonical/lxd

Powerful system container and virtual machine manager

GitHub

4.77K