Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/11 12:0 a.m.4 views

EulerOS 2.0 SP11 : cloud-init (EulerOS-SA-2025-2221)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this,cloud-init defau...

8.8CVSS5.6AI score0.00203EPSS
Exploits0References3
OSV
OSV
added 2025/09/23 9:5 a.m.3 views

SUSE-SU-2025:20755-1 Security update for cloud-init

This update for cloud-init fixes the following issues: Update to version 25.1.3 bsc1245401,bsc1245403: + docs: provide example3 for PAM and sshpwauth behavior 27 + fix: Make hotplug socket writable only by root 25 CVE-2024-11584 + fix: Don't attempt to identify non-x86 OpenStack instances LP:...

8.8CVSS7.1AI score0.00263EPSS
Exploits0References26
SUSE Linux
SUSE Linux
added 2025/09/23 9:4 a.m.3 views

Security update for cloud-init

This update for cloud-init fixes the following issues: Update to version 25.1.3 bsc1245401,bsc1245403: docs: provide example3 for PAM and sshpwauth behavior 27 fix: Make hotplug socket writable only by root 25 CVE-2024-11584 fix: Don't attempt to identify non-x86 OpenStack instances LP: 2069607...

8.8CVSS6.9AI score0.00263EPSS
Exploits0References58
SUSE CVE
SUSE CVE
added 2025/06/27 12:3 a.m.2 views

SUSE CVE-2024-11584

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands...

5.9CVSS6.6AI score0.00121EPSS
Exploits0References8
Rows per page
Query Builder