Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses.
CVSS
No CVSS.
References
Configurations
No configuration.
History
02 Oct 2025, 10:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-10-02 10:15
Updated : 2025-10-02 19:11
NVD link : CVE-2025-54291
Mitre link : CVE-2025-54291
CVE.ORG link : CVE-2025-54291
JSON object : View
Products Affected
No product.
CWE
CWE-209
Generation of Error Message Containing Sensitive Information