Vulnerabilities

CVE-2025-54287

by Fred · 02/10/2025

Template Injection in instance snapshot creation component in Canonical LXD (>= 4.0) allows an attacker with instance configuration
permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine.

More information : https://github.com/canonical/lxd/security/advisories/GHSA-w2hg-2v4p-vmh6

Similar

Tags: Cybersecurity Alert