High severityNVD Advisory· Published Oct 2, 2025· Updated Oct 2, 2025
Path Traversal in LXD Instance Log File Retrieval
CVE-2025-54293
Description
Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/canonical/lxdGo | >= 4.0, < 5.21.4 | 5.21.4 |
github.com/canonical/lxdGo | >= 6.0, < 6.5 | 6.5 |
github.com/canonical/lxdGo | >= 0.0.0-20200331193331-03aab09f5b5c, < 0.0.0-20250224180022-ec09b24179f3 | 0.0.0-20250224180022-ec09b24179f3 |
Affected products
3- ghsa-coords2 versions
>= 4.0, < 5.21.4+ 1 more
- (no CPE)range: >= 4.0, < 5.21.4
- (no CPE)range: < 0.0.20251105T184115-1.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.