CVE-2024-6219
published 2024-12-06CVE-2024-6219: Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not…
low3.8CVSS 3.1
AVLACLPRLUINSCCLINAN
Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | lxd | < 5.21.1 | 5.21.1 |
| canonical_ltd | lxd | < 5.21.1 | 5.21.1 |
| debian | incus | — | — |
| debian | lxd | — | — |
| github.com | canonical_lxd | >= 0 < 0.0.0-20240403103450-0e7f2b5bf4d2 | 0.0.0-20240403103450-0e7f2b5bf4d2 |
CVSS provenance
nvdv3.13.8LOWCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
osv3.8LOW