CVE-2023-0092

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-0092

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0092.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-0092

Aliases

GHSA-x5rv-w9pm-8qp8

Published

2025-01-31T02:15:28.550Z

Modified

2026-03-02T01:36:28.125889Z

Severity

4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

An authenticated user who has read access to the juju controller model, may construct a remote request to download an arbitrary file from the controller's filesystem.

References

Affected packages

Git / github.com/juju/juju

Affected ranges

Type: GIT
Repo: https://github.com/juju/juju
Events: Introduced

07164c4b2c6a9f5b576b1c151bd85dd3a699be16

Fixed

6d211be0d72d6f4d625c61c7c4ddb4e9325226c8

Introduced

35c560704ee254219ae0c4a37810bde5278e99bb

Fixed

e53f8d9fd2d78a0cf3a36a0e4f0d79ec8f35243c

Affected versions

juju-2.*

juju-2.9.22

juju-2.9.23

juju-2.9.24

juju-2.9.25

juju-2.9.26

juju-2.9.27

juju-2.9.28

juju-2.9.29

juju-2.9.30

juju-2.9.31

juju-2.9.32

juju-2.9.33

juju-2.9.34

juju-2.9.35

juju-2.9.36

juju-2.9.37

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0092.json"