Vulnerability in Canonical Ubuntu
CVE-2025-14551
In Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, Subiquity could include certain user credentials, such as the user…
EPSS: 0.001 (16.2th percentile) — read the EPSS interpretation.
Affected products
- Canonical Ubuntu — versions 0
Weakness classification (CWE)
References
- noble backport - stop logging network config and identity data (patch, issue-tracking)
- Stop logging identity data and network secrets (patch, issue-tracking)