CVE-2025-54293
- Source
- https://cve.org/CVERecord?id=CVE-2025-54293
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-54293.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-54293
- Aliases
- Downstream
- Related
- Published
- 2025-10-02T10:43:58.246Z
- Modified
- 2026-05-28T03:55:27.531276308Z
- Severity
-
- 7.1 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
- Summary
- Path Traversal in LXD Instance Log File Retrieval
- Details
-
Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links.
- Database specific
{ "cwe_ids": [ "CWE-22" ], "cna_assigner": "canonical", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/54xxx/CVE-2025-54293.json" }- References
Affected packages
Git / github.com/canonical/lxd
Affected ranges
- Type
- GIT
- Repo
- https://github.com/canonical/lxd
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedIntroducedFixed
- Database specific
{ "extracted_events": [ { "introduced": "6.0" }, { "fixed": "6.5" }, { "introduced": "5.21" }, { "fixed": "5.21.4" } ], "source": "AFFECTED_FIELD" }
Affected versions
lxd-0.*
lxd-0.1
lxd-0.10
lxd-0.11
lxd-0.12
lxd-0.13
lxd-0.14
lxd-0.15
lxd-0.16
lxd-0.17
lxd-0.18
lxd-0.19
lxd-0.2
lxd-0.20
lxd-0.21
lxd-0.22
lxd-0.23
lxd-0.24
lxd-0.25
lxd-0.26
lxd-0.27
lxd-0.3
lxd-0.4
lxd-0.5
lxd-0.6
lxd-0.7
lxd-0.8
lxd-0.8.1
lxd-0.9
lxd-2.*
lxd-2.0.0
lxd-2.0.0.beta1
lxd-2.0.0.beta2
lxd-2.0.0.beta3
lxd-2.0.0.beta4
lxd-2.0.0.rc1
lxd-2.0.0.rc2
lxd-2.0.0.rc3
lxd-2.0.0.rc4
lxd-2.0.0.rc5
lxd-2.0.0.rc6
lxd-2.0.0.rc7
lxd-2.0.0.rc8
lxd-2.0.0.rc9
lxd-2.1
lxd-2.10
lxd-2.10.1
lxd-2.11
lxd-2.12
lxd-2.13
lxd-2.14
lxd-2.15
lxd-2.16
lxd-2.17
lxd-2.18
lxd-2.19
lxd-2.2
lxd-2.20
lxd-2.21
lxd-2.3
lxd-2.4
lxd-2.4.1
lxd-2.5
lxd-2.6
lxd-2.6.1
lxd-2.6.2
lxd-2.7
lxd-2.8
lxd-2.9
lxd-2.9.1
lxd-2.9.2
lxd-2.9.3
lxd-3.*
lxd-3.0.0
lxd-3.0.0.beta1
lxd-3.0.0.beta2
lxd-3.0.0.beta3
lxd-3.0.0.beta4
lxd-3.0.0.beta5
lxd-3.0.0.beta6
lxd-3.0.0.beta7
lxd-3.1
lxd-3.10
lxd-3.11
lxd-3.12
lxd-3.13
lxd-3.14
lxd-3.15
lxd-3.16
lxd-3.17
lxd-3.18
lxd-3.19
lxd-3.2
lxd-3.20
lxd-3.21
lxd-3.22
lxd-3.23
lxd-3.3
lxd-3.4
lxd-3.5
lxd-3.6
lxd-3.7
lxd-3.8
lxd-3.9
lxd-4.*
lxd-4.0.0
lxd-4.1
lxd-4.10
lxd-4.11
lxd-4.12
lxd-4.13
lxd-4.14
lxd-4.15
lxd-4.16
lxd-4.17
lxd-4.18
lxd-4.19
lxd-4.2
lxd-4.20
lxd-4.21
lxd-4.22
lxd-4.23
lxd-4.24
lxd-4.3
lxd-4.4
lxd-4.5
lxd-4.6
lxd-4.7
lxd-4.8
lxd-4.9
lxd-5.*
lxd-5.0.0
lxd-5.1
lxd-5.10
lxd-5.11
lxd-5.12
lxd-5.13
lxd-5.14
lxd-5.15
lxd-5.16
lxd-5.17
lxd-5.2
lxd-5.3
lxd-5.4
lxd-5.5
lxd-5.6
lxd-5.7
lxd-5.8
lxd-5.9