Lucene search
+L

10 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.13 views

CVE-2026-5774

Improper synchronization of the userTokens map in the API server in Canonical Juju 4.0.5, 3.6.20, and 2.9.56 may allow an authenticated user to possibly cause a denial of service on the server or possibly reuse a single-use discharge token...

6.4CVSS5.6AI score0.00243EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/10 9:0 p.m.4 views

EUVD-2026-21366

Juju: In-Memory Token Store for Discharge Tokens Lacks Concurrency Safety and Persistence...

6CVSS5.8AI score0.00243EPSS
Exploits1References4
NVD
NVD
added 2026/04/10 1:16 p.m.4 views

CVE-2026-5774

Improper synchronization of the userTokens map in the API server in Canonical Juju 4.0.5, 3.6.20, and 2.9.56 may allow an authenticated user to possibly cause a denial of service on the server or possibly reuse a single-use discharge token...

6.4CVSS0.00243EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/04/10 1:16 p.m.6 views

CVE-2026-5774

Improper synchronization of the userTokens map in the API server in Canonical Juju 4.0.5, 3.6.20, and 2.9.56 may allow an authenticated user to possibly cause a denial of service on the server or possibly reuse a single-use discharge token...

6.4CVSS5.8AI score0.00243EPSS
Exploits1References4
CVE
CVE
added 2026/04/10 12:10 p.m.13 views

CVE-2026-5774

CVE-2026-5774 affects Canonical Juju API server components, where improper synchronization of the userTokens map in Juju 4.0.5, 3.6.20, and 2.9.56 can enable an authenticated user to cause a denial of service or potentially replay a single-use discharge token. Root cause: unsynchronized token map...

6.4CVSS5.8AI score0.00243EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/04/10 12:10 p.m.34 views

CVE-2026-5774 Juju API Server Denial of Service and Authentication Replay via Unsynchronized Token Map

Improper synchronization of the userTokens map in the API server in Canonical Juju 4.0.5, 3.6.20, and 2.9.56 may allow an authenticated user to possibly cause a denial of service on the server or possibly reuse a single-use discharge token...

6CVSS0.00243EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.10 views

Juju 安全漏洞

Juju is a open-source application orchestration engine developed by Canonical Juju. Vulnerabilities existed in versions prior to Juju 2.9.57 and 3.6.21. These vulnerabilities were due to authorization issues, which could allow low-privilege users to access sensitive credentials...

9.9CVSS5.8AI score0.00445EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.9 views

PT-2026-31910

Name of the Vulnerable Software and Affected Versions Canonical Juju versions 2.9.56, 3.6.20, and 4.0.5 Description Improper synchronization within the userTokens map in the API server of Canonical Juju may allow an authenticated user to cause a denial of service on the server or potentially reus...

6.4CVSS5.8AI score0.00243EPSS
Exploits1References11
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.8 views

Juju security vulnerabilities

Juju is a publicly available application orchestration engine developed by Canonical Juju. There is a security vulnerability in Juju, which stems from a flaw in cross-model authorization. This vulnerability could allow malicious users to maintain privileges that have been revoked or expired...

2.1CVSS5.8AI score0.00133EPSS
Exploits0References2
CNVD
CNVD
added 2017/06/02 12:0 a.m.5 views

Canonical Juju Elevation of Privilege Vulnerability

Canonical Juju is an open source application modeling attack from Canonical, USA. An elevation of privilege vulnerability exists in Canonical Juju versions prior to 1.25.12, 2.0.x versions prior to 2.0.4, and 2.1.x versions prior to 2.1.3, which stems from a program using UNIX domain sockets...

10CVSS7.1AI score0.48501EPSS
Exploits5References1
Rows per page
Query Builder