15 matches found
GO-2025-4121 LXD vulnerable to a local privilege escalation through custom storage volumes in lxd in github.com/canonical/lxd
LXD vulnerable to a local privilege escalation through custom storage volumes in lxd in github.com/canonical/lxd...
GO-2025-4115 Incus vulnerable to local privilege escalation through custom storage volumes in github.com/lxc/incus
Incus vulnerable to local privilege escalation through custom storage volumes in github.com/lxc/incus...
EUVD-2025-180203
LXD vulnerable to a local privilege escalation through custom storage volumes...
LXD vulnerable to a local privilege escalation through custom storage volumes
Impact This affects any LXD user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true as well as access to the host as an unprivileged user. The most common case for this would be...
Incus vulnerable to local privilege escalation through custom storage volumes
Impact This affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true as well as access to the host as an unprivileged user. The most common case for this would ...
CVE-2025-64507
An issue in Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true as well as access to the host as an unprivileged user. The most common case for this would be systems...
Improper Privilege Management
Overview Affected versions of this package are vulnerable to Improper Privilege Management due to the process handling custom storage volumes with the security.shifted property set to true. An attacker can gain elevated privileges on the host system by creating a custom storage volume, writing a...
Improper Privilege Management
Overview Affected versions of this package are vulnerable to Improper Privilege Management due to the process handling custom storage volumes with the security.shifted property set to true. An attacker can gain elevated privileges on the host system by creating a custom storage volume, writing a...
Improper Privilege Management
Overview Affected versions of this package are vulnerable to Improper Privilege Management due to the process handling custom storage volumes with the security.shifted property set to true. An attacker can gain elevated privileges on the host system by creating a custom storage volume, writing a...
CVE-2025-64507
Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true...
CVE-2025-64507 Incus vulnerable to local privilege escalation through custom storage volumes
Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true...
CVE-2025-64507 Incus vulnerable to local privilege escalation through custom storage volumes
Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true...
CVE-2025-64507 Incus vulnerable to local privilege escalation through custom storage volumes
Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true...
PT-2025-46210
Name of the Vulnerable Software and Affected Versions Incus versions prior to 6.0.6 Incus versions prior to 6.19.0 Description Incus is a system container and virtual machine manager. An issue affects any Incus user in an environment where an unprivileged user may have root access to a container...
PYSEC-2024-58
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generatefilename without replicating the file-path validations from the parent class, potentially allow directory traversal via certain...