canonical/subiquity

canonical/subiquity

canonical-subiquity.readthedocs-hosted.com

Releases105

Frequency1 month 1 week

Last Release about 2 months ago

Stars576

Ubuntu Server Installer, and backend for Ubuntu Desktop Installer

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-14551 ↗	Apr 9, 2026Thursday, 9 April 2026, 16:16	8.1 HIGH	—
In Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, Subiquity could include certain user credentials, such as the user's plaintext Wi-Fi password, in the attached logs.
CVE-2022-0555 ↗	Jun 3, 2024Monday, 3 June 2024, 19:15	8.4 HIGH	—
Subiquity Shows Guided Storage Passphrase in Plaintext with Read-all Permissions
CVE-2023-5182 ↗	Oct 7, 2023Saturday, 7 October 2023, 00:15	5.5 MEDIUM	—
Sensitive data could be exposed in logs of subiquity version 23.09.1 and earlier. An attacker in the adm group could use this information to find hashed passwords and possibly escalate their privilege.
CVE-2020-11932 ↗	May 13, 2020Wednesday, 13 May 2020, 01:15	2.3 LOW	2.1 LOW
It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered.