| Release | Version |
|---|---|
| bullseye | 20.4.1-2+deb11u1 |
| bookworm | 22.4.2-1+deb12u3 |
| trixie | 25.1.4-1 |
| forky | 25.3-2 |
| sid | 25.3-2 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2024-11584 | vulnerable (no DSA, postponed) | fixed | fixed | fixed | fixed | cloud-initthrough 25.1.2 includes the systemd socket unitcloud-init-ho ... |
| CVE-2024-6174 | vulnerable (no DSA, postponed) | fixed | fixed | fixed | fixed | When a non-x86 platform is detected, cloud-init grants root access to ... |
| CVE-2023-1786 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Sensitive data could be exposed in logs of cloud-init before version 2 ... |
| Bug | Description |
|---|---|
| CVE-2022-2084 | Sensitive data could be exposed in world readable logs of cloud-init b ... |
| CVE-2021-3429 | When instructing cloud-init to set a random password for a new user ac ... |
| CVE-2020-8632 | In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_ ... |
| CVE-2020-8631 | cloud-init through 19.4 relies on Mersenne Twister for a random passwo ... |
| CVE-2019-0816 | A security feature bypass exists in Azure SSH Keypairs, due to a chang ... |
| CVE-2012-6639 | An privilege elevation vulnerability exists in Cloud-init before 0.7.0 ... |
| DSA / DLA | Description |
|---|---|
| DLA-2601-1 | cloud-init - security update |
| DLA-2113-1 | cloud-init - security update |