Search CVE reports
11 – 12 of 12 results
Juju Core's Joyent provider before version 1.25.5 uploads the user's private ssh key.
1 affected package
juju-core
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| juju-core | — | — | — | — |
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.
2 affected packages
juju-core, juju-core-1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| juju-core | — | — | — | — |
| juju-core-1 | — | — | — | — |