Lucene search

K
osvGoogleOSV:USN-5496-1
HistoryJun 29, 2022 - 10:11 p.m.

cloud-init vulnerability

2022-06-2922:11:21
Google
osv.dev
5

7.4 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

Mike Stroyan discovered that cloud-init could log password hashes when
reporting schema failures. An attacker with access to these logs could
potentially use this to gain user credentials.