vulnerability

Debian: CVE-2025-54287: lxd -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:C/I:N/A:N)	Oct 21, 2025	Oct 21, 2025	Oct 23, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:N/A:N)

Published

Oct 21, 2025

Added

Oct 21, 2025

Modified

Oct 23, 2025

Description

Template Injection in instance snapshot creation component in Canonical LXD (>= 4.0) allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine.

Solution

debian-upgrade-lxd

References

CVE-2025-54287
https://attackerkb.com/topics/CVE-2025-54287
CWE-1336
DEBIAN-DSA-6027-1
DEBIAN-DSA-6028-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today