Latest vulnerabilities for "canonical juju"

Where

Sort:

Canonical JujuJuju CloudSpec API could leak senstive information

Risk 59

Severity

EPSS

0.01%

First published (updated )

CVE-2026-5412

Canonical JujuJuju API Server Denial of Service and Authentication Replay via Unsynchronized Token Map

Risk 37

Severity

EPSS

0.01%

First published (updated )

CVE-2026-5774

Canonical JujuJuju: Resource poisoning

Risk 40

Severity

7.1

First published (updated )

CVE-2025-68153

Canonical JujuJuju: Read All Controller Logs From Compromised Workload

Risk 36

Severity

6.9

First published (updated )

CVE-2025-68152

Canonical JujuImproper TLS Client/Server authentication and certificate verification on Database Cluster

Risk 61

Severity

EPSS

0.07%

First published (updated )

CVE-2026-4370

jujuInsecure Direct Object Reference attack via predictable secret ID in Juju

Risk 46

Severity

6.6

EPSS

0.03%

First published (updated )

CVE-2026-32694

jujuUnauthorized access to Kubernetes secrets in Juju

Risk 56

Severity

8.8

EPSS

0.05%

First published (updated )

CVE-2026-32693

jujuUnauthorized update of out-of-scope Vault secrets

Risk 42

Severity

7.6

EPSS

0.03%

First published (updated )

CVE-2026-32692

juju/jujuTiming ownership claim attack on new external back-end secrets

Risk 23

Severity

5.3

EPSS

0.01%

First published (updated )

CVE-2026-32691

Canonical JujuArbitrary executable upload via authenticated endpoint

Risk 79

Severity

8.8

First published (updated )

CVE-2025-0928

Canonical JujuZip slip vulnerability in Juju

Risk 79

Severity

8.8

First published (updated )

CVE-2025-53513

Canonical JujuSensitive log retrieval in Juju

Risk 38

Severity

6.5

First published (updated )

CVE-2025-53512

Canonical JujuJuju Joyent provider uploads user's private ssh key by default

Risk 43

Severity

7.5

First published (updated )

CVE-2015-1316

Canonical JujuJuju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without se…

Risk 87

Severity

First published (updated )

CVE-2017-9232

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Trending

Versions

Canonical JujuJuju CloudSpec API could leak senstive information

Canonical JujuJuju API Server Denial of Service and Authentication Replay via Unsynchronized Token Map

Canonical JujuJuju: Resource poisoning

Canonical JujuJuju: Read All Controller Logs From Compromised Workload

Canonical JujuImproper TLS Client/Server authentication and certificate verification on Database Cluster

Don't miss critical vulnerabilities

jujuInsecure Direct Object Reference attack via predictable secret ID in Juju

jujuUnauthorized access to Kubernetes secrets in Juju

jujuUnauthorized update of out-of-scope Vault secrets

juju/jujuTiming ownership claim attack on new external back-end secrets

Canonical JujuArbitrary executable upload via authenticated endpoint

Don't miss critical vulnerabilities

Canonical JujuZip slip vulnerability in Juju

Canonical JujuSensitive log retrieval in Juju

Canonical JujuJuju Joyent provider uploads user's private ssh key by default

Canonical JujuJuju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without se…

Company

Resources

Contact