CVE-2025-54293

Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
canonicalCNA
---
---
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
Common Weakness Enumeration
References
https://github.com/canonical/lxd/security/advisories/GHSA-472f-vmf2-pr3h
https://github.com/canonical/lxd/security/advisories/GHSA-472f-vmf2-pr3h