Server side template injection In incus
Description
Canonical LXD Arbitrary File Read via Template Injection in Snapshot Patterns in github.com/lxc/lxd Canonical LXD Arbitrary File Read via Template Injection in Snapshot Patterns in github.com/lxc/lxd
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 debian 14 | 6.0.5-1 | ||
debian 13 | 6.0.4-2+deb13u1 | ||
debian 12 | 5.0.2-5+deb12u1 | ||
debian 13 | 5.0.2+git20231211.1364ae4-9+deb13u1 | ||
 go | - | - | |
go | 5.21.4, 6.5.0, 0.0.0-20250827065555-0494f5d47e41 |
Aliases
1. 2. 3. 4. 5. 6. 7. 8. 9.
References
1. 2.