CVE-2022-2084

Опубликовано: 19 апр. 2023

Источник: debian

EPSS Низкий

Описание

Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
cloud-init	fixed	22.2-2		package
cloud-init	not-affected		bullseye	package
cloud-init	not-affected		buster	package

Примечания

https://github.com/canonical/cloud-init/commit/4d467b14363d800b2185b89790d57871f11ea88c
https://bugs.launchpad.net/cloud-init/+bug/1978422

EPSS

Процентиль: 5%

0.00026

Низкий

Связанные уязвимости

CVE-2022-2084

CVSS3: 5.5

ubuntu

около 2 лет назад

Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.

CVE-2022-2084

CVSS3: 5.5

redhat

около 2 лет назад

Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.

CVE-2022-2084

CVSS3: 5.5

nvd

около 2 лет назад

Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.

CVE-2022-2084

CVSS3: 5.5

msrc

около 2 лет назад

Описание отсутствует

GHSA-w62x-qh57-5m94

CVSS3: 5.5

github

около 2 лет назад

Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.

EPSS

Процентиль: 5%

0.00026

Низкий