Описание
cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 20.2-45-g5f7825e2-0ubuntu1~18.04.1 |
| devel | not-affected | 21.4-25-g039c40f9-0ubuntu1~22.04.1 |
| eoan | ignored | end of life |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | released | 20.2-45-g5f7825e2-0ubuntu1~18.04.1 |
| esm-infra/focal | not-affected | 20.1-10-g71af48df-0ubuntu5 |
| esm-infra/xenial | ignored | patched version in updates pocket |
| focal | not-affected | 20.1-10-g71af48df-0ubuntu5 |
| groovy | ignored | end of life |
| hirsute | not-affected | 21.1-19-gbad84ad4-0ubuntu2 |
Показывать по
2.1 Low
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.
cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.
cloud-init through 19.4 relies on Mersenne Twister for a random password which makes it easier for attackers to predict passwords because rand_str in cloudinit/util.py calls the random.choice function.
cloud-init through 19.4 relies on Mersenne Twister for a random passwo ...
cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.
2.1 Low
CVSS2
5.5 Medium
CVSS3