EUVD-2024-54980

Malicious code in bioql PyPI...

EUVD-2023-23991

Malicious code in bioql PyPI...

NewStart CGSL MAIN 6.06 : cloud-init Multiple Vulnerabilities (NS-SA-2025-0230)

The remote NewStart CGSL host, running version MAIN 6.06, has cloud-init packages installed that are affected by multiple vulnerabilities: - The default cloud-init configuration, in cloud-init 0.6.2 and newer, included sshdeletekeys: 0, disabling cloud-init's deletion of ssh host keys. In some...

SUSE-SU-2025:20755-1 Security update for cloud-init

This update for cloud-init fixes the following issues: Update to version 25.1.3 bsc1245401,bsc1245403: + docs: provide example3 for PAM and sshpwauth behavior 27 + fix: Make hotplug socket writable only by root 25 CVE-2024-11584 + fix: Don't attempt to identify non-x86 OpenStack instances LP:...

Security update for cloud-init

This update for cloud-init fixes the following issues: Update to version 25.1.3 bsc1245401,bsc1245403: docs: provide example3 for PAM and sshpwauth behavior 27 fix: Make hotplug socket writable only by root 25 CVE-2024-11584 fix: Don't attempt to identify non-x86 OpenStack instances LP: 2069607...

ROS-20250911-11

A vulnerability in Cloud-init cloud server configuration tool is related to incorrect assignment of permissions for a critical resource. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands A vulnerability in the Cloud-Init cloud virtual machine provisioning too...

Linux Distros Unpatched Vulnerability : CVE-2017-10600

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ubuntu-image 1.0 before 2017-07-07, when invoked as non-root, creates files in the resulting image with the uid of the invoking user. When the resulting image i...

SUSE-SU-2025:20656-1 Security update for cloud-init

This update for cloud-init fixes the following issues: Update to version 25.1.3: - CVE-2024-6174: Unpriveleged user could trigger hotplug-hook commands bsc1245403. None security fixes: - Rebase cloud-init to 24.4 or higher bsc1239715, jscPED-8680. - Fixed cloud-init --debug status bsc1228414. -...

Security update for cloud-init

This update for cloud-init fixes the following issues: Update to version 25.1.3: CVE-2024-6174: Unpriveleged user could trigger hotplug-hook commands bsc1245403. None security fixes: Rebase cloud-init to 24.4 or higher bsc1239715, jscPED-8680. Fixed cloud-init --debug status bsc1228414. Using...

Linux Distros Unpatched Vulnerability : CVE-2024-11584

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it...

Linux Distros Unpatched Vulnerability : CVE-2020-8632

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In cloud-init through 19.4, randuserpassword in cloudinit/config/ccsetpasswords.py has a small default pwlen value, which makes it easier for attackers to guess...

Linux Distros Unpatched Vulnerability : CVE-2020-8631

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because randstr in...

Ubuntu: Security Advisory (USN-7677-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 41 Update: cloud-init-24.2-4.fc41

Cloud-init is a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install ssh keys and to let the user run various scripts...

[SECURITY] Fedora 42 Update: cloud-init-24.2-5.fc42

Cloud-init is a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install ssh keys and to let the user run various scripts...

Fedora: Security Advisory (FEDORA-2025-58f05c43ae)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-b93ee7b368)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 41 : cloud-init (2025-58f05c43ae)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-58f05c43ae advisory. Backport fixes for CVE-2024-6174 and CVE-2024-11584 - cloud-init included the systemd socket unit cloud-init-hotplugd.socket with default SocketMode...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 : cloud-init vulnerabilities (USN-7677-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7677-1 advisory. Harry Sintonen discovered that the hotplugd socket in cloud-init was world writable. An attacker...

Fedora 42 : cloud-init (2025-b93ee7b368)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b93ee7b368 advisory. Backport fixes for CVE-2024-6174 and CVE-2024-11584 - cloud-init included the systemd socket unit cloud-init-hotplugd.socket with default SocketMode...