CVE-2025-15480

UNKNOWN 0.0

Senstive information disclosure was affecting ubuntu-desktop-provision

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

13th

In Ubuntu, ubuntu-desktop-provision version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, ubuntu-desktop-provision could include the user's password hash in the attached logs.

CWE	CWE-1258
Vendor	canonical
Product	ubuntu
Ecosystems	Linux
Industries	Technology
Published	Apr 9, 2026
Last Updated	Apr 10, 2026

Stay Ahead of the Next One

Get instant alerts for canonical ubuntu

Be the first to know when new unknown vulnerabilities affecting canonical ubuntu are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Canonical / Ubuntu

0 ≤ 24.04.4 0 ≤ 25.10 0 ≤ 25.04

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/canonical/ubuntu-desktop-provision/pull/1400 github.com: https://github.com/canonical/ubuntu-desktop-provision/pull/1399