2 matches found
SUSE CVE-2025-53513
The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through th...
Juju 路径遍历漏洞
Juju is an open source application orchestration engine from Canonical Juju Open Source. A security vulnerability exists in Juju that stems from insufficient authorization checking on the /charms endpoint, which could lead to an arbitrary user uploading a specially crafted charm to gain access to...