Lucene search
K

149 matches found

NVD
NVD
added 2025/07/08 5:16 p.m.5 views

CVE-2025-53513

The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through th...

8.8CVSS0.00647EPSS
Exploits1References1
CVE
CVE
added 2025/07/08 4:57 p.m.34 views

CVE-2025-53513

Juju’s CVE-2025-53513 affects the /charms API endpoint, where authenticated users on the controller can upload charms. The vulnerability stems from insufficient authorization checks, enabling a user account to upload a charm and, via a crafted ZIP file with Zip Slip traversal, overwrite server fi...

8.8CVSS6.7AI score0.00647EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/07/08 4:57 p.m.10 views

CVE-2025-53513 Zip slip vulnerability in Juju

The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through th...

8.8CVSS0.00647EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/07/08 4:57 p.m.4 views

CVE-2025-53513 Zip slip vulnerability in Juju

The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through th...

8.8CVSS7.3AI score0.00647EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.6 views

Juju 路径遍历漏洞

Juju is an open source application orchestration engine from Canonical Juju Open Source. A security vulnerability exists in Juju that stems from insufficient authorization checking on the /charms endpoint, which could lead to an arbitrary user uploading a specially crafted charm to gain access to...

8.8CVSS6.6AI score0.00647EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/07/08 12:0 a.m.4 views

PT-2025-28634

Name of the Vulnerable Software and Affected Versions: Juju affected versions not specified Description: The issue concerns a lack of sufficient authorization checks in the "/charms" endpoint on a Juju controller, allowing any user with an account to upload a charm. This could be exploited by...

8.8CVSS6.3AI score0.00647EPSS
Exploits1References15
RedhatCVE
RedhatCVE
added 2025/05/23 10:38 a.m.4 views

CVE-2024-8037

Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJUCONTEXTID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a...

6.5CVSS6.6AI score0.00187EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:10 a.m.8 views

CVE-2022-36830

PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent...

6.2CVSS6.7AI score0.0017EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:11 p.m.7 views

CVE-2022-29180

A vulnerability in which attackers could forge HTTP requests to manipulate the charm data directory to access or delete anything on the server. This has been patched and is available in release v0.12.1. We recommend that all users running self-hosted charm instances update immediately. This...

9.8CVSS6.7AI score0.00745EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:54 p.m.7 views

CVE-2022-36829

PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent...

6.2CVSS6.7AI score0.0017EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:53 p.m.5 views

CVE-2022-36836

Unprotected provider vulnerability in Charm by Samsung prior to version 1.2.3 allows attackers to read connection state without permission...

6.2CVSS6.8AI score0.00179EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 p.m.5 views

CVE-2021-37587

In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data...

6.5CVSS6.6AI score0.00819EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:38 p.m.7 views

CVE-2021-37588

In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data...

5.9CVSS6.9AI score0.00908EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 7:16 p.m.9 views

CVE-2009-0764

Multiple cross-site scripting XSS vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to 1 index.php and 2 kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS5.9AI score0.01204EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/09 10:21 p.m.5 views

CVE-2025-24375 MySQL K8s charm could leak credentials for root-level user `serverconfig`

Charmed MySQL K8s operator is a Charmed Operator for running MySQL on Kubernetes. Before revision 221, the method for calling a SQL DDL or python based mysql-shell scripts can leak database users credentials. The method mysql-operator calls mysql-shell application rely on writing to a temporary...

5CVSS7.2AI score0.00158EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/04/09 10:21 p.m.34 views

CVE-2025-24375 MySQL K8s charm could leak credentials for root-level user `serverconfig`

Charmed MySQL K8s operator is a Charmed Operator for running MySQL on Kubernetes. Before revision 221, the method for calling a SQL DDL or python based mysql-shell scripts can leak database users credentials. The method mysql-operator calls mysql-shell application rely on writing to a temporary...

5CVSS0.00158EPSS
Exploits0References5
CVE
CVE
added 2025/04/09 10:21 p.m.140 views

CVE-2025-24375

The CVE-2025-24375 entry concerns the Charmed MySQL K8s operator (and machine operator) with credential leakage risk. Root cause: the operator calls the mysql-shell/DDL scripts by writing a temporary script file containing full URIs with user credentials, created with read permissions (0644); unp...

5CVSS5.2AI score0.00158EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/01/08 12:0 a.m.4 views

Soft Serve 路径遍历漏洞

Soft Serve is a self-hostable command-line Git server from Charm Open Source. A path traversal vulnerability exists in Soft Serve versions prior to 0.8.2, which stems from vulnerability to a path traversal attack that allows an existing non-administrative user to access and take over another user...

8.8CVSS6.3AI score0.00665EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/11/02 4:3 a.m.4 views

SUSE CVE-2024-7558

JUJUCONTEXTID is a predictable authentication secret. On a Juju machine non-Kubernetes or Juju charm container on Kubernetes, an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJUCONTEXTID value. This gives the unprivileged user access to t...

8CVSS6.9AI score0.00502EPSS
Exploits1References5
OSV
OSV
added 2024/10/03 4:53 p.m.9 views

GHSA-8V4W-F4R9-7H6X Vulnerable juju hook tool abstract UNIX domain socket

Impact When combined with an attack of JUJUCONTEXTID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a juju charm. Patches Patch:...

6.5CVSS6.4AI score0.00187EPSS
Exploits0References7
Rows per page
Query Builder