CVE-2025-6224

Certificate generation in juju/utils using the cert.NewLeaf function could include private information. If this certificate were then transferred over the network in plaintext, an attacker listening on that network could sniff the certificate and trivially extract the private key from it.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/juju/utils/security/advisories/GHSA-h34r-jxqm-qgpr	Vendor Advisory Exploit

Configurations

Configuration 1 (hide)

cpe:2.3:a:canonical:juju\/utils:*:*:*:*:*:go:*:*

History

10 Sep 2025, 16:08

Type	Values Removed	Values Added
CPE		cpe:2.3:a:canonical:juju\/utils::::::go::*
First Time		Canonical Canonical juju\/utils
References	~~() https://github.com/juju/utils/security/advisories/GHSA-h34r-jxqm-qgpr -~~	() https://github.com/juju/utils/security/advisories/GHSA-h34r-jxqm-qgpr - Vendor Advisory, Exploit

03 Jul 2025, 15:14

Type	Values Removed	Values Added
Summary		(es) La generación de certificados en juju/utils mediante la función cert.NewLeaf podría incluir información privada. Si este certificado se transfiriera por la red en texto plano, un atacante que escuchara en esa red podría rastrearlo y extraer fácilmente su clave privada.

01 Jul 2025, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-01 11:15

Updated : 2025-09-10 16:08

NVD link : CVE-2025-6224

Mitre link : CVE-2025-6224

CVE.ORG link : CVE-2025-6224

JSON object : View

Products Affected

canonical

juju\/utils

CWE

CWE-312

Cleartext Storage of Sensitive Information

{"id": "CVE-2025-6224", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@ubuntu.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2025-07-01T11:15:21.770", "references": [{"url": "https://github.com/juju/utils/security/advisories/GHSA-h34r-jxqm-qgpr", "tags": ["Vendor Advisory", "Exploit"], "source": "security@ubuntu.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@ubuntu.com", "description": [{"lang": "en", "value": "CWE-312"}]}], "descriptions": [{"lang": "en", "value": "Certificate generation in juju/utils using the cert.NewLeaf function could include private information. If this certificate were then transferred over the network in plaintext, an attacker listening on that network could sniff the certificate and trivially extract the private key from it."}, {"lang": "es", "value": "La generaci\u00f3n de certificados en juju/utils mediante la funci\u00f3n cert.NewLeaf podr\u00eda incluir informaci\u00f3n privada. Si este certificado se transfiriera por la red en texto plano, un atacante que escuchara en esa red podr\u00eda rastrearlo y extraer f\u00e1cilmente su clave privada."}], "lastModified": "2025-09-10T16:08:34.040", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:canonical:juju\\/utils:*:*:*:*:*:go:*:*", "vulnerable": true, "matchCriteriaId": "A9C6BB14-8867-4606-9CCB-7EEBC1230202", "versionEndExcluding": "4.0.4", "versionStartIncluding": "4.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@ubuntu.com"}