📦 Juju

This vulnerability allows any authenticated Juju controller user to upload malicious agent binaries to any model or the controller itself, bypassing permission checks. This could lead to remote code e...

This vulnerability allows any authenticated user on a Juju controller to upload malicious charms via the /charms endpoint due to insufficient authorization checks. Combined with a Zip Slip vulnerabili...

CVE-2024-7558 allows unprivileged users on the same network namespace to guess the JUJU_CONTEXT_ID authentication secret and access Juju charm information and tools. This affects Juju deployments on b...

This vulnerability allows local users within the same network namespace to access Juju's introspection abstract UNIX domain socket without authentication. This enables denial of service attacks by dis...

This vulnerability allows unauthorized users to access the /log endpoint on Juju controllers, exposing debug messages that may contain sensitive information. Anyone running vulnerable Juju controller ...

This vulnerability allows authenticated users with read access to the Juju controller model to download arbitrary files from the controller's filesystem through a crafted remote request. It affects Ju...