CVE-2022-2084

Name
CVE-2022-2084
Description
Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/canonical/cloud-init/commit/4d467b14363d800b2185b89790d57871f11ea88c
MISC https://ubuntu.com/security/notices/USN-5496-1

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:canonical:cloud-init:*:*:*:*:*:*:*:* cloud-init >= None < 22.3

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
cloud-init 3.16-community 22.2.2-r0 Dermot Bradley <dermot_bradley@yahoo.com> fixed