Lucene search
K

4 matches found

OSV
OSV
added 2026/04/06 5:49 p.m.4 views

GO-2026-4924 Juju has a resource poisoning vulnerability in github.com/juju/juju

Juju has a resource poisoning vulnerability in github.com/juju/juju. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please suggest ...

7.1CVSS5.9AI score0.00232EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/03 6:29 p.m.5 views

Juju has a resource poisoning vulnerability

Summary Any authenticated user, machine or controller under a Juju controller can modify the resources of an application within the entire controller. This one is very straightforward to just read in the code: Step 1: The authorisation mechanism for the resource handler is defined here. One is on...

7.1CVSS6.1AI score0.00232EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/03 3:28 p.m.17 views

CVE-2025-68153 Juju: Resource poisoning

Juju is an open source application orchestration engine that enables any application operation on any infrastructure at any scale through special operators called ‘charms’. From versions 2.9 to before 2.9.56 and 3.6 to before 3.6.19, any authenticated user, machine or controller under a Juju...

7.1CVSS0.00232EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/03 3:28 p.m.4 views

CVE-2025-68153 Juju: Resource poisoning

Juju is an open source application orchestration engine that enables any application operation on any infrastructure at any scale through special operators called ‘charms’. From versions 2.9 to before 2.9.56 and 3.6 to before 3.6.19, any authenticated user, machine or controller under a Juju...

7.1CVSS5.8AI score0.00232EPSS
Exploits0References2
Rows per page
Query Builder