exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 8

GHSA-3xmh-hrxh-fx8j

5 месяцев назад

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This being used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivelege user could trigger hotplug-hook commands.

CVSS3: 5.9

EPSS: Низкий

CVE-2024-11584

5 месяцев назад

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.

CVSS3: 5.9

EPSS: Низкий

CVE-2024-11584

5 месяцев назад

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.

CVSS3: 5.9

EPSS: Низкий

CVE-2024-11584

5 месяцев назад

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.

CVSS3: 5.9

EPSS: Низкий

CVE-2024-11584

4 месяца назад

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.

CVSS3: 5.9

EPSS: Низкий

CVE-2024-11584

5 месяцев назад

cloud-initthrough 25.1.2 includes the systemd socket unitcloud-init-ho ...

CVSS3: 5.9

EPSS: Низкий

BDU:2025-10929

5 месяцев назад

Уязвимость инструмента для настройки облачного сервера Cloud-init, связанная с неправильным присвоением разрешений для критичного ресурса, позволяющая нарушителю выполнять произвольные команды

CVSS3: 5.9

EPSS: Низкий

ROS-20250911-11

2 месяца назад

Множественные уязвимости cloud-init

CVSS3: 8.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
GHSA-3xmh-hrxh-fx8j cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This being used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivelege user could trigger hotplug-hook commands.	CVSS3: 5.9	0% Низкий	5 месяцев назад
CVE-2024-11584 cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.	CVSS3: 5.9	0% Низкий	5 месяцев назад
CVE-2024-11584 cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.	CVSS3: 5.9	0% Низкий	5 месяцев назад
CVE-2024-11584 cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.	CVSS3: 5.9	0% Низкий	5 месяцев назад
CVE-2024-11584 cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.	CVSS3: 5.9	0% Низкий	4 месяца назад
CVE-2024-11584 cloud-initthrough 25.1.2 includes the systemd socket unitcloud-init-ho ...	CVSS3: 5.9	0% Низкий	5 месяцев назад
BDU:2025-10929 Уязвимость инструмента для настройки облачного сервера Cloud-init, связанная с неправильным присвоением разрешений для критичного ресурса, позволяющая нарушителю выполнять произвольные команды	CVSS3: 5.9	0% Низкий	5 месяцев назад
ROS-20250911-11 Множественные уязвимости cloud-init	CVSS3: 8.8		2 месяца назад

Уязвимостей на страницу