CVE-2025-54292

Publication date

2025-10-02 09:26:39

Family

canonical

State

PUBLISHED

Description

Path traversal in Canonical LXD LXD-UI versions before 6.5 and 5.21.4 on all platforms allows remote authenticated attackers to access or modify unintended resources via crafted resource names embedded in URL paths.