CVE-2015-1316

Juju Core's Joyent provider before version 1.25.5 uploads the user's private ssh key.
References
Link Resource
http://bazaar.launchpad.net/~juju-core/juju-core/trunk/revision/4119 Patch Release Notes Third Party Advisory
http://bazaar.launchpad.net/~juju-core/juju-core/trunk/revision/4119 Patch Release Notes Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:canonical:juju:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:25

Type Values Removed Values Added
References () http://bazaar.launchpad.net/~juju-core/juju-core/trunk/revision/4119 - Patch, Release Notes, Third Party Advisory () http://bazaar.launchpad.net/~juju-core/juju-core/trunk/revision/4119 - Patch, Release Notes, Third Party Advisory
CVSS v2 : 5.0
v3 : 7.5
v2 : 5.0
v3 : 6.4

Information

Published : 2019-04-22 16:29

Updated : 2024-11-21 02:25


NVD link : CVE-2015-1316

Mitre link : CVE-2015-1316

CVE.ORG link : CVE-2015-1316


JSON object : View

Products Affected

canonical

  • juju
CWE
CWE-320

Key Management Errors