HIGH8.8CVE-2024-6174When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. from 0
HIGH8.8CVE-2012-6639An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance… from 0, < 0.7.1-1
MEDIUM5.5CVE-2023-1786Sensitive data could be exposed in logs of cloud-init before version 23.1.2. from 0
MEDIUM5.5Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported.
from 0, < 22.2-2
MEDIUM5.5cloud-init - security update
from 0, < 20.4.1-2
MEDIUM5.5cloud-init - security update
from 0, < 0.7.9-2+deb9u1
MEDIUM5.5In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easi…
from 0, < 19.4-2
MEDIUM5.5cloud-init - security update
from 0, < 0.7.6~bzr976-2+deb8u1
MEDIUM5.5cloud-init - security update
from 0, < 19.4-2
MEDIUM5.3cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions,…
from 0
MEDIUM5.1A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init…
from 0, < 18.3-6