Vulnerabilities > Canonical > Juju

DATE CVE VULNERABILITY TITLE RISK
2024-07-29 CVE-2024-6984 Information Exposure Through an Error Message vulnerability in Canonical Juju
An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive data or relation accessible to the local charm.
local
low complexity
canonical CWE-209
3.8
2019-04-22 CVE-2015-1316 Key Management Errors vulnerability in Canonical Juju
Juju Core's Joyent provider before version 1.25.5 uploads the user's private ssh key.
network
low complexity
canonical CWE-320
7.5
2017-05-28 CVE-2017-9232 Missing Authorization vulnerability in Canonical Juju
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.
network
low complexity
canonical CWE-862
critical
9.8