pkg:Debian/cloud-init
11 total CVEsHIGH2MEDIUM9
✅ Check your installed version
All known vulnerabilities
- HIGH8.8CVE-2024-6174When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address.from 0
- HIGH8.8CVE-2012-6639An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance…from 0, < 0.7.1-1
- from 0
- MEDIUM5.5CVE-2022-2084Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported.from 0, < 22.2-2
- from 0, < 20.4.1-2
- from 0, < 0.7.9-2+deb9u1
- MEDIUM5.5CVE-2020-8632In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easi…from 0, < 19.4-2
- from 0, < 0.7.6~bzr976-2+deb8u1
- from 0, < 19.4-2
- MEDIUM5.3CVE-2024-11584cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions,…from 0
- MEDIUM5.1CVE-2019-0816A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init…from 0, < 18.3-6