CVE-2025-54291

Publication date

2025-10-02 09:25:42

Family

canonical

State

PUBLISHED

Description

Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses.