CRITICAL9.1CVE-2026-34177LXD: VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf >= 0.0.0-20210305023314-538ac3df036e, <= 0.0.0-20260226085519-736f34afb267
CRITICAL9.1CVE-2026-34178LXD: Importing a crafted backup leads to project restriction bypass >= 0.0.0-20210305023314-538ac3df036e, <= 0.0.0-20260226085519-736f34afb267
CRITICAL9.1LXD: Update of type field in restricted TLS certificate allows privilege escalation to cluster admin
>= 0.0.0-20210305023314-538ac3df036e, <= 0.0.0-20260226085519-736f34afb267
HIGH8.3lxd - security update
>= 5.0, < 5.0.5
HIGH8.3lxd - security update
from 0
MEDIUM6.8Privilege Escalation via WebSocket Connection Hijacking in Operations API in github.com/canonical/lxd
>= 4.0, < 5.21.4
MEDIUM6.8Privilege Escalation via WebSocket Connection Hijacking in Operations API in github.com/canonical/lxd
from 0
MEDIUM6.5Canonical LXD Path Traversal Vulnerability in Instance Log File Retrieval Function in github.com/canonical/lxd
>= 0.0.0-20200331193331-03aab09f5b5c, < 0.0.0-20250224180022-ec09b24179f3
MEDIUM6.5Canonical LXD Path Traversal Vulnerability in Instance Log File Retrieval Function in github.com/canonical/lxd
>= 4.0, < 5.21.4
MEDIUM5.3Canonical LXD Project Existence Determination Through Error Handling in Image Export Function in github.com/canonical/lxd
>= 4.0, < 5.21.4
MEDIUM5.3Canonical LXD Project Existence Determination Through Error Handling in Image Export Function in github.com/canonical/lxd
>= 0.0.0-20200331193331-03aab09f5b5c, < 0.0.0-20250827065555-0494f5d47e41
MEDIUM5.3Canonical LXD Project Existence Determination Through Error Handling in Image Get Function in github.com/canonical/lxd
>= 4.0, < 5.21.4
MEDIUM5.3Canonical LXD Project Existence Determination Through Error Handling in Image Get Function in github.com/canonical/lxd
>= 0.0.0-20200331193331-03aab09f5b5c, < 0.0.0-20250827065555-0494f5d47e41
MEDIUM4.1Canonical LXD Source Container Identification Vulnerability via cmdline Spoofing in devLXD Server in github.com/canonical/lxd
>= 4.0, < 5.21.4
MEDIUM4.1Canonical LXD Source Container Identification Vulnerability via cmdline Spoofing in devLXD Server in github.com/canonical/lxd
>= 0.0.0-20200331193331-03aab09f5b5c, < 0.0.0-20250827065555-0494f5d47e41
LOW3.8CA certificate sign check bypass in github.com/canonical/lxd
from 0, < 0.0.0-20240708073652-5a492a3f0036
LOW3.8CA certificate sign check bypass in github.com/canonical/lxd
from 0, < 0.0.0-20240708073652-5a492a3f0036
LOW3.8Restricted TLS certificate privilege escalation when in PKI mode in github.com/canonical/lxd
from 0, < 0.0.0-20240403103450-0e7f2b5bf4d2
LOW3.8Restricted TLS certificate privilege escalation when in PKI mode in github.com/canonical/lxd
from 0, < 0.0.0-20240403103450-0e7f2b5bf4d2
—Non-recursive certificate listing bypasses per-object authorization and leaks all fingerprints in github.com/canonical/lxd
from 0
—Non-recursive certificate listing bypasses per-object authorization and leaks all fingerprints in github.com/canonical/lxd
from 0, < 0.0.0-20260224152359-d936c90d47cf