Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-xmwd-5wqc-2ufc
SummaryIn Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, Subiquity could include certain user credentials, such as the user's plaintext Wi-Fi password, in the attached logs.
Aliases
0
alias CVE-2025-14551
1
alias PYSEC-2026-135
Fixed_packages
Affected_packages
References
0
reference_url https://github.com/canonical/subiquity/pull/2357
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://github.com/canonical/subiquity/pull/2357
1
reference_url https://github.com/canonical/subiquity/pull/2358
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://github.com/canonical/subiquity/pull/2358
Weaknesses
Exploits
Severity_range_score8.1 - 8.1
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-xmwd-5wqc-2ufc