Vulnerability Database

309,136

Total vulnerabilities in the database

CVE-2024-6984

An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive data or relation accessible to the local charm.

Published: Jul 29, 2024
Updated: Nov 16, 2025
CVE: CVE-2024-6984
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWEs:

CWE-209

OWASP TOP 10:

A6 - Security Misconfiguration

Affected Software
References

Software	From	Fixed in
canonical / juju	3.5	3.5.3
canonical / juju	3.4	3.4.5
canonical / juju	3.1	3.1.9
canonical / juju	2.9	2.9.50
canonical / juju	3.3	3.3.6

https://github.com/juju/juju/commit/da929676853092a29ddf8d589468cf85ba3efaf2
https://github.com/juju/juju/security/advisories/GHSA-6vjm-54vp-mxhx
https://www.cve.org/CVERecord?id=CVE-2024-6984

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo