An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.
[
{
"product": "cloud-init",
"vendor": "cloud-init",
"versions": [
{
"status": "affected",
"version": "before 0.7.0"
}
]
}
]