{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T03:50:50.643","vulnerabilities":[{"cve":{"id":"CVE-2025-6224","sourceIdentifier":"security@ubuntu.com","published":"2025-07-01T11:15:21.770","lastModified":"2025-09-10T16:08:34.040","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Certificate generation in juju/utils using the cert.NewLeaf function could include private information. If this certificate were then transferred over the network in plaintext, an attacker listening on that network could sniff the certificate and trivially extract the private key from it."},{"lang":"es","value":"La generación de certificados en juju/utils mediante la función cert.NewLeaf podría incluir información privada. Si este certificado se transfiriera por la red en texto plano, un atacante que escuchara en esa red podría rastrearlo y extraer fácilmente su clave privada."}],"metrics":{"cvssMetricV31":[{"source":"security@ubuntu.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"security@ubuntu.com","type":"Secondary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:canonical:juju\\/utils:*:*:*:*:*:go:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.0.4","matchCriteriaId":"A9C6BB14-8867-4606-9CCB-7EEBC1230202"}]}]}],"references":[{"url":"https://github.com/juju/utils/security/advisories/GHSA-h34r-jxqm-qgpr","source":"security@ubuntu.com","tags":["Exploit","Vendor Advisory"]}]}}]}