Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Juju
(Canonical)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-07-29 | CVE-2024-6984 | An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive data or relation accessible to the local charm. | Juju | 3.8 | ||
| 2019-04-22 | CVE-2015-1316 | Juju Core's Joyent provider before version 1.25.5 uploads the user's private ssh key. | Juju | 7.5 | ||
| 2017-05-27 | CVE-2017-9232 | Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root. | Juju | 9.8 |