Back to search
CVE-2025-68153
Published: Apr 3, 2026
Modified: Apr 4, 2026
PUBLISHED
Description
Juju is an open source application orchestration engine that enables any application operation on any infrastructure at any scale through special operators called ‘charms’. From versions 2.9 to before 2.9.56 and 3.6 to before 3.6.19, any authenticated user, machine or controller under a Juju controller can modify the resources of an application within the entire controller. This issue has been patched in versions 2.9.56 and 3.6.19.
| Vendor | Product | Versions |
|---|---|---|
juju | juju | affected >= 2.9, < 2.9.56affected >= 3.6, < 3.6.19 |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now