5 matches found
CVE-2026-12391
In Canonical ubuntu-pro-client (formerly ubuntu-advantage-tools), a symlink-following flaw in the pro collect-logs workflow allows a local, unprivileged user to influence a predictable temporary path. By creating a symlink to a root-owned file (e.g., /etc/shadow) at that destination, an administr...
CVE-2026-11386
Summary: CVE-2026-11386 affects Canonical ubuntu-pro-client (formerly ubuntu-advantage-tools). The package builds APT source files by interpolating contract server data from directives.suites[] and directives.aptURL without escaping or validation, allowing newline characters to inject attacker-co...
CVE-2026-9494
An information disclosure vulnerability in Canonical ubuntu-pro-client (formerly ubuntu-advantage-tools) allows the secret bearer token to be exposed in a cleartext URL when /usr/lib/apt/apt-helper uses the download-file command. The token is embedded in the URL passed via argv (e.g., bearer:@esm...
PT-2026-60459
Name of the Vulnerable Software and Affected Versions ubuntu-pro-client affected versions not specified Description An input validation and injection issue exists where the client constructs APT source files using data from the contract server response via the directives.suites and...
PT-2026-60465
Name of the Vulnerable Software and Affected Versions ubuntu-pro-client affected versions not specified Description An information disclosure issue exists where the client validates Ubuntu Pro APT credentials by executing the /usr/lib/apt/apt-helper using the download-file command. The secret...