Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store.
2024-12-06T00:15:04.380
2025-08-26T17:22:01.483
Analyzed
CVSSv3.1: 3.8 (LOW)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | canonical | lxd | < 4.0.10 | Yes |
| Application | canonical | lxd | < 5.0.4 | Yes |
| Application | canonical | lxd | < 5.21.2 | Yes |