Impact
An SSRF flaw in Canonical LXD’s image import routine lets any authenticated user who can create images reach arbitrary URLs from the daemon’s network position. During import the supplied URL is fetched without validating the destination address, so the daemon can be made to contact loopback interfaces, RFC1918 private ranges, and cloud metadata services. An attacker can use this to probe internal ports, enumerate services, or send unauthorized requests to internal HTTP endpoints, leaking confidential data or enabling further attacks within the host’s network.
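The missing check described above is a destination-address validation of the user-supplied URL before the daemon fetches it. The following Go function is an added example of such a check, not LXD's own code or its actual fix; the `Resolver` type and the `CheckImportURL` name are assumptions made for this illustration.

```go
package main

import (
	"fmt"
	"net"
	"net/url"
)

// Resolver maps a hostname to its addresses. It is injected so the check runs
// offline and so the caller dials exactly the addresses it validated.
type Resolver func(host string) ([]net.IP, error)

// isInternal reports whether an image-import fetch must never reach ip: loopback,
// RFC1918/ULA private space, link-local (covers 169.254.169.254) or unspecified.
func isInternal(ip net.IP) bool {
	return ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() ||
		ip.IsLinkLocalMulticast() || ip.IsUnspecified()
}

// CheckImportURL validates a user-supplied image source and returns the vetted
// addresses. Every resolved address is checked, since one name may map to both.
func CheckImportURL(raw string, resolve Resolver) ([]net.IP, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, err
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return nil, fmt.Errorf("scheme %q not allowed for image import", u.Scheme)
	}
	host := u.Hostname()
	if host == "" {
		return nil, fmt.Errorf("image import URL %q has no host", raw)
	}
	var ips []net.IP
	if ip := net.ParseIP(host); ip != nil {
		ips = []net.IP{ip} // IP literal (including [::ffff:a.b.c.d]): no DNS lookup
	} else if ips, err = resolve(host); err != nil {
		return nil, err
	}
	if len(ips) == 0 {
		return nil, fmt.Errorf("%q resolved to no addresses", host) // fail closed
	}
	for _, ip := range ips {
		if isInternal(ip) {
			return nil, fmt.Errorf("%q resolves to internal address %s", host, ip)
		}
	}
	return ips, nil // dial these addresses, not the hostname, to avoid rebinding
}
```

A caller that re-resolves the hostname after this check reopens a DNS-rebinding window, which is why the vetted addresses are returned.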
Affected Systems
Canonical LXD versions 4.12 through 6.9 are vulnerable. The issue is confined to the /images endpoint used by the image import feature and affects every installation that grants the can_create_images entitlement to authenticated users.
Risk and Exploitability
The CVSS score of 5 places the severity at moderate; no EPSS score has been reported, and the vulnerability is not yet listed in the CISA KEV catalog. Exploitation requires a local authenticated account with image‑creation rights; the attacker then submits an image import request containing a malicious URL. Because the request originates from the daemon’s privileged position, it can reach any internal service, enabling port scanning or request manipulation. No public exploitation has been reported, but even though the CVSS score is relatively low, the ability to interact with internal infrastructure makes the risk significant in environments where LXD hosts must stay isolated from internal resources.
OpenCVE Enrichment