Canonical: >> Lxd Security Vulnerabilities
Template Injection in instance snapshot creation component in Canonical LXD (>= 4.0) allows an attacker with instance configuration
permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine.
CVSS Score
7.1
EPSS Score
0.001
Published
2025-10-02
Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attackers with root privileges within any container to impersonate other containers and obtain their metadata, configuration, and device information via spoofed process names in the command line.
CVSS Score
5.1
EPSS Score
0.001
Published
2025-10-02
Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store.
CVSS Score
3.8
EPSS Score
0.001
Published
2024-12-06
Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured.
CVSS Score
3.8
EPSS Score
0.002
Published
2024-12-06
An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot.
CVSS Score
6.7
EPSS Score
0.0
Published
2024-02-14
An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot.
CVSS Score
6.7
EPSS Score
0.0
Published
2024-02-14
LXD before 2.0.2 does not properly set permissions when switching an unprivileged container into privileged mode, which allows local users to access arbitrary world readable paths in the container directory via unspecified vectors.
CVSS Score
5.5
EPSS Score
0.0
Published
2016-06-09
LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors.
CVSS Score
5.5
EPSS Score
0.0
Published
2016-06-09
Page 2