10 matches found
CVE-2026-5774
Improper synchronization of the userTokens map in the API server in Canonical Juju 4.0.5, 3.6.20, and 2.9.56 may allow an authenticated user to possibly cause a denial of service on the server or possibly reuse a single-use discharge token...
EUVD-2026-21366
Juju: In-Memory Token Store for Discharge Tokens Lacks Concurrency Safety and Persistence...
CVE-2026-5774
Improper synchronization of the userTokens map in the API server in Canonical Juju 4.0.5, 3.6.20, and 2.9.56 may allow an authenticated user to possibly cause a denial of service on the server or possibly reuse a single-use discharge token...
CVE-2026-5774
Improper synchronization of the userTokens map in the API server in Canonical Juju 4.0.5, 3.6.20, and 2.9.56 may allow an authenticated user to possibly cause a denial of service on the server or possibly reuse a single-use discharge token...
CVE-2026-5774
CVE-2026-5774 affects Canonical Juju API server components, where improper synchronization of the userTokens map in Juju 4.0.5, 3.6.20, and 2.9.56 can enable an authenticated user to cause a denial of service or potentially replay a single-use discharge token. Root cause: unsynchronized token map...
CVE-2026-5774 Juju API Server Denial of Service and Authentication Replay via Unsynchronized Token Map
Improper synchronization of the userTokens map in the API server in Canonical Juju 4.0.5, 3.6.20, and 2.9.56 may allow an authenticated user to possibly cause a denial of service on the server or possibly reuse a single-use discharge token...
Juju 安全漏洞
Juju is a open-source application orchestration engine developed by Canonical Juju. Vulnerabilities existed in versions prior to Juju 2.9.57 and 3.6.21. These vulnerabilities were due to authorization issues, which could allow low-privilege users to access sensitive credentials...
PT-2026-31910
Name of the Vulnerable Software and Affected Versions Canonical Juju versions 2.9.56, 3.6.20, and 4.0.5 Description Improper synchronization within the userTokens map in the API server of Canonical Juju may allow an authenticated user to cause a denial of service on the server or potentially reus...
Juju security vulnerabilities
Juju is a publicly available application orchestration engine developed by Canonical Juju. There is a security vulnerability in Juju, which stems from a flaw in cross-model authorization. This vulnerability could allow malicious users to maintain privileges that have been revoked or expired...
Canonical Juju Elevation of Privilege Vulnerability
Canonical Juju is an open source application modeling attack from Canonical, USA. An elevation of privilege vulnerability exists in Canonical Juju versions prior to 1.25.12, 2.0.x versions prior to 2.0.4, and 2.1.x versions prior to 2.1.3, which stems from a program using UNIX domain sockets...