Количество 22
Количество 22
ELSA-2020-3898
ELSA-2020-3898: cloud-init security, bug fix, and enhancement update (MODERATE)
openSUSE-SU-2020:0400-1
Security update for cloud-init
SUSE-SU-2020:0818-1
Security update for cloud-init
SUSE-SU-2020:0751-1
Security update for cloud-init
SUSE-SU-2020:0585-1
Security update for cloud-init
ELSA-2020-4650
ELSA-2020-4650: cloud-init security, bug fix, and enhancement update (MODERATE)
CVE-2020-8631
cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.
CVE-2020-8631
cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.
CVE-2020-8631
cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.
CVE-2020-8631
cloud-init through 19.4 relies on Mersenne Twister for a random password which makes it easier for attackers to predict passwords because rand_str in cloudinit/util.py calls the random.choice function.
CVE-2020-8631
cloud-init through 19.4 relies on Mersenne Twister for a random passwo ...
GHSA-2r47-hhff-7qcp
cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.
CVE-2018-10896
The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances created by cloning a golden master or template system, sharing ssh host keys, and being able to impersonate one another or conduct man-in-the-middle attacks.
CVE-2018-10896
The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances created by cloning a golden master or template system, sharing ssh host keys, and being able to impersonate one another or conduct man-in-the-middle attacks.
CVE-2018-10896
CVE-2020-8632
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords.
CVE-2020-8632
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords.
CVE-2020-8632
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords.
CVE-2020-8632
In cloud-init through 19.4 rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value which makes it easier for attackers to guess passwords.
CVE-2020-8632
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_ ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2020-3898 ELSA-2020-3898: cloud-init security, bug fix, and enhancement update (MODERATE) | больше 5 лет назад | ||
 | openSUSE-SU-2020:0400-1 Security update for cloud-init | почти 6 лет назад | ||
| SUSE-SU-2020:0818-1 Security update for cloud-init | почти 6 лет назад | ||
| SUSE-SU-2020:0751-1 Security update for cloud-init | почти 6 лет назад | ||
| SUSE-SU-2020:0585-1 Security update for cloud-init | почти 6 лет назад | ||
| ELSA-2020-4650 ELSA-2020-4650: cloud-init security, bug fix, and enhancement update (MODERATE) | больше 5 лет назад | ||
 | CVE-2020-8631 cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function. | CVSS3: 5.5 | 0% Низкий | около 6 лет назад |
 | CVE-2020-8631 cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function. | CVSS3: 8.1 | 0% Низкий | около 6 лет назад |
 | CVE-2020-8631 cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function. | CVSS3: 5.5 | 0% Низкий | около 6 лет назад |
 | CVE-2020-8631 cloud-init through 19.4 relies on Mersenne Twister for a random password which makes it easier for attackers to predict passwords because rand_str in cloudinit/util.py calls the random.choice function. | CVSS3: 5.5 | 0% Низкий | больше 5 лет назад |
| CVE-2020-8631 cloud-init through 19.4 relies on Mersenne Twister for a random passwo ... | CVSS3: 5.5 | 0% Низкий | около 6 лет назад |
| GHSA-2r47-hhff-7qcp cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function. | 0% Низкий | больше 3 лет назад | |
| CVE-2018-10896 The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances created by cloning a golden master or template system, sharing ssh host keys, and being able to impersonate one another or conduct man-in-the-middle attacks. | CVSS3: 4.6 | 0% Низкий | больше 7 лет назад |
| CVE-2018-10896 The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances created by cloning a golden master or template system, sharing ssh host keys, and being able to impersonate one another or conduct man-in-the-middle attacks. | CVSS3: 7.1 | 0% Низкий | больше 7 лет назад |
| CVSS3: 7.1 | 0% Низкий | больше 5 лет назад | |
| CVE-2020-8632 In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords. | CVSS3: 5.5 | 0% Низкий | около 6 лет назад |
| CVE-2020-8632 In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords. | CVSS3: 8.1 | 0% Низкий | около 6 лет назад |
| CVE-2020-8632 In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords. | CVSS3: 5.5 | 0% Низкий | около 6 лет назад |
| CVE-2020-8632 In cloud-init through 19.4 rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value which makes it easier for attackers to guess passwords. | CVSS3: 5.5 | 0% Низкий | больше 5 лет назад |
| CVE-2020-8632 In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_ ... | CVSS3: 5.5 | 0% Низкий | около 6 лет назад |
Уязвимостей на страницу