Canonical Ltd Subiquity vulnerabilities

2 known vulnerabilities affecting canonical_ltd/subiquity.

Total CVEs

2

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH1MEDIUM1

Vulnerabilities

Page 1 of 1

CVE-2022-0555HIGHCVSS 8.4fixed in 22.02.12024-06-03

CVE-2022-0555 [HIGH] CWE-256 CVE-2022-0555: Subiquity Shows Guided Storage Passphrase in Plaintext with Read-all Permissions Subiquity Shows Guided Storage Passphrase in Plaintext with Read-all Permissions

CVE-2023-5182MEDIUMCVSS 5.5≤ 23.09.12023-10-07

CVE-2023-5182 [MEDIUM] CWE-532 CVE-2023-5182: Sensitive data could be exposed in logs of subiquity version 23.09.1 and earlier. An attacker in the Sensitive data could be exposed in logs of subiquity version 23.09.1 and earlier. An attacker in the adm group could use this information to find hashed passwords and possibly escalate their privilege.