CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Canonical: >> Juju >> 3.6.3 Security Vulnerabilities

CVE-2025-53512

The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information.

CVSS Score

6.5

EPSS Score

0.002

Published

2025-07-08

CVE-2025-53513

The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through the affected charm.

CVSS Score

8.8

EPSS Score

0.005

Published

2025-07-08

Page 2

Vulnerabilities

Vulnerable Software

Canonical: >> Juju >> 3.6.3 Security Vulnerabilities

Products

Pricing

Contact Us