Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Canonical Ltd. — Vulnerabilities & Security Advisories 51

Browse all 51 CVE security advisories affecting Canonical Ltd.. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Canonical Ltd. is a software company primarily known for developing and maintaining Ubuntu, a widely deployed Linux distribution, alongside providing enterprise support and cloud infrastructure solutions. With 51 recorded Common Vulnerabilities and Exposures (CVEs), the organization’s historical security landscape reflects typical risks associated with large-scale open-source ecosystems. Common vulnerability classes include remote code execution, cross-site scripting, and privilege escalation, often stemming from complex dependency chains or configuration errors within its extensive software portfolio. Notable security characteristics involve rigorous patch management processes and transparent disclosure policies, which help mitigate long-term exposure. While major incidents are relatively rare due to proactive community engagement and automated testing, the sheer volume of packages managed presents inherent attack surface challenges. Canonical continues to prioritize security updates, ensuring that critical flaws are addressed promptly to maintain system integrity for its global user base.

Top products by Canonical Ltd.: Apport snapd Juju LXD Landscape cloud-init subiquity Authd Ubuntu's gnome-control-center ubuntu-linux AccountService Ubuntu pipewire-pulse Ubuntu EDK II Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10 Pebble Netplan Ubuntu Advantage Desktop Pro Ubuntu Desktop Provision wpa_supplicant Anbox Cloud Ubuntu's pulseaudio
CVE IDTitleCVSSSeverityPublished
CVE-2024-3250 Pebble 安全漏洞 — Pebble 6.5 Medium2024-04-04
CVE-2023-49721 EDK2 安全漏洞 — LXD 6.7 Medium2024-02-14
CVE-2023-48733 EDK2 安全漏洞 — Ubuntu EDK II 6.7 Medium2024-02-14
CVE-2022-4964 pipewire 安全漏洞 — Ubuntu pipewire-pulse 5.5 Medium2024-01-24
CVE-2022-3328 snapd 竞争条件问题漏洞 — snapd 7.8 High2024-01-08
CVE-2023-5182 Subiquity 日志信息泄露漏洞 — subiquityCWE-532 5.5 Medium2023-10-06
CVE-2023-3297 Ubuntu 资源管理错误漏洞 — AccountServiceCWE-416 8.1 High2023-09-01
CVE-2023-1523 snapd 注入漏洞 — snapd 10.0 Critical2023-09-01
CVE-2023-32551 Landscape Open Redirect — LandscapeCWE-601 6.1 Medium2023-06-06
CVE-2023-32550 Landscape's Apache server-status is accessible by default — LandscapeCWE-497 9.3 Critical2023-06-06
CVE-2023-32549 Landscape insecure token generation — LandscapeCWE-338 6.8 Medium2023-06-06
CVE-2023-2612 shiftfs lock unbalance in Ubuntu-specific kernels — ubuntu-linuxCWE-667 4.4 Medium2023-05-30
CVE-2023-1786 sensitive data exposure in cloud-init logs — cloud-initCWE-532 5.5 Medium2023-04-26
CVE-2022-2084 sensitive data exposure in cloud-init logs — cloud-initCWE-532 5.5 Medium2023-04-19
CVE-2021-3429 sensitive data exposure in cloud-init logs — cloud-initCWE-532 5.5 Medium2023-04-19
CVE-2023-1326 local privilege escalation in apport-cli — ApportCWE-269 7.7 High2023-04-13
CVE-2021-4120 snapd could be made to bypass intended access restrictions through snap content interfaces and layout paths — snapdCWE-20 8.2 High2022-02-17
CVE-2021-44730 snapd could be made to escalate privileges and run programs as administrator — snapdCWE-59 7.8 High2022-02-17
CVE-2021-3155 snapd created ~/snap with too-wide permissions — snapdCWE-276 3.8 Low2022-02-17
CVE-2021-44731 snapd could be made to escalate privileges and run programs as administrator — snapdCWE-362 7.8 High2022-02-17
CVE-2018-6559 Ubuntu Linux Kernel 安全漏洞 — Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10CWE-200 3.3 -2018-10-26

This page lists every published CVE security advisory associated with Canonical Ltd.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.