EulerOS 2.0 SP9 : cloud-init (EulerOS-SA-2023-2576)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could...

CVE-2023-1786 affecting package cloud-init 21.4-2

CVE-2023-1786 affecting package cloud-init 21.4-2. A patched version of the package is available...

CVE-2022-2084 affecting package cloud-init 21.4-3

CVE-2022-2084 affecting package cloud-init 21.4-3. A patched version of the package is available...

EulerOS 2.0 SP10 : cloud-init (EulerOS-SA-2023-2375)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could...

EulerOS 2.0 SP10 : cloud-init (EulerOS-SA-2023-2349)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could...

CVE-2023-1786 affecting package cloud-init for versions less than 22.4-3

CVE-2023-1786 affecting package cloud-init for versions less than 22.4-3. A patched version of the package is available...

Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2023-2349)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2023-2375)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : cloud-init (SUSE-SU-2023:2628-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2628-1 advisory. - Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are...

SUSE-SU-2023:2628-1 Security update for cloud-init

This update for cloud-init fixes the following issues: - CVE-2023-1786: Do not expose sensitive data gathered from the CSP. bsc1210277 - CVE-2022-2084: Fixed a bug which caused logging schema failures can include password hashes. bsc1210652 - Update to version 23.1 + Support transactional-updates...

Amazon Linux 2023 : cloud-init (ALAS2023-2023-196)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-196 advisory. Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege. CVE-2023-1786 Tenable...

Medium: cloud-init

Issue Overview: Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege. CVE-2023-1786 Affected Packages: cloud-init Issue Correction: Run dnf update cloud-init --releasever...

OESA-2023-1297 cloud-init security update

Cloud-init is the defacto multi-distribution package that handles early initialization of a cloud instance. Security Fixes: Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their...

selinux-policy bug fix update

An update is available for selinux-policy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The selinux-policy packages contain the rules that govern how confined...

Ubuntu: Security Advisory (USN-6042-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6042-2: Cloud-init regression

USN-6042-1 fixed a vulnerability in Cloud-init. The update introduced a regression on Ubuntu 20.04 LTS resulting in a possible loss of networking. This update fixes the problem. We apologize for the inconvenience. Original advisory details: James Golovich discovered that sensitive data could be...

USN-6042-2 cloud-init regression

USN-6042-1 fixed a vulnerability in Cloud-init. The update introduced a regression on Ubuntu 20.04 LTS resulting in a possible loss of networking. This update fixes the problem. We apologize for the inconvenience. Original advisory details: James Golovich discovered that sensitive data could be...

Ubuntu 20.04 LTS : Cloud-init regression (USN-6042-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6042-2 advisory. USN-6042-1 fixed a vulnerability in Cloud-init. The update introduced a regression on Ubuntu 20.04 LTS resulting in a possible loss of networking. This update fix...

OESA-2023-1290 cloud-init security update

Cloud-init is the defacto multi-distribution package that handles early initialization of a cloud instance. Security Fixes: Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed...

SUSE SLES12 Security Update : cloud-init (SUSE-SU-2023:2164-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2164-1 advisory. - When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to th...