View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2017-9232 high priority: Ubuntu including 2 source packages (juju-core, juju-core-1), 10 status rows across 5 suites (trusty, upstream, xenial, yakkety, zesty): released 8, DNE 2.
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.