Release | Version |
---|---|
bullseye | 20.4.1-2+deb11u1 |
bookworm | 22.4.2-1+deb12u2 |
trixie | 25.1.1-1 |
sid | 25.1.1-1 |
Bug | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|
CVE-2024-11584 | vulnerable | vulnerable | vulnerable | vulnerable | cloud-initthrough 25.1.2 includes the systemd socket unitcloud-init-ho ... |
CVE-2024-6174 | vulnerable | vulnerable | vulnerable | vulnerable | When a non-x86 platform is detected, cloud-init grants root access to ... |
CVE-2023-1786 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Sensitive data could be exposed in logs of cloud-init before version 2 ... |
Bug | Description |
---|---|
CVE-2022-2084 | Sensitive data could be exposed in world readable logs of cloud-init b ... |
CVE-2021-3429 | When instructing cloud-init to set a random password for a new user ac ... |
CVE-2020-8632 | In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_ ... |
CVE-2020-8631 | cloud-init through 19.4 relies on Mersenne Twister for a random passwo ... |
CVE-2019-0816 | A security feature bypass exists in Azure SSH Keypairs, due to a chang ... |
CVE-2012-6639 | An privilege elevation vulnerability exists in Cloud-init before 0.7.0 ... |
DSA / DLA | Description |
---|---|
DLA-2601-1 | cloud-init - security update |
DLA-2113-1 | cloud-init - security update |