OESA-2023-1290

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1290

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2023-1290.json

JSON Data

https://api.test.osv.dev/v1/vulns/OESA-2023-1290

Upstream

CVE-2022-2084

Published

2023-05-19T11:05:16Z

Modified

2025-08-12T05:12:01.671003Z

Summary

cloud-init security update

Details

Cloud-init is the defacto multi-distribution package that handles early initialization of a cloud instance.

Security Fix(es):

Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.(CVE-2022-2084)

Database specific

{
    "severity": "Medium"
}

References

Affected packages

openEuler:20.03-LTS-SP1 / cloud-init

Package

Name: cloud-init
Purl: pkg:rpm/openEuler/cloud-init&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

19.4-10.oe1

Ecosystem specific

{
    "noarch": [
        "cloud-init-19.4-10.oe1.noarch.rpm",
        "cloud-init-help-19.4-10.oe1.noarch.rpm"
    ],
    "src": [
        "cloud-init-19.4-10.oe1.src.rpm"
    ]
}

openEuler:20.03-LTS-SP3 / cloud-init

Package

Name: cloud-init
Purl: pkg:rpm/openEuler/cloud-init&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

19.4-12.oe1

Ecosystem specific

{
    "noarch": [
        "cloud-init-help-19.4-12.oe1.noarch.rpm",
        "cloud-init-19.4-12.oe1.noarch.rpm"
    ],
    "src": [
        "cloud-init-19.4-12.oe1.src.rpm"
    ]
}

openEuler:22.03-LTS / cloud-init

Package

Name: cloud-init
Purl: pkg:rpm/openEuler/cloud-init&distro=openEuler-22.03-LTS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

21.4-14.oe2203sp1

Ecosystem specific

{
    "noarch": [
        "cloud-init-help-21.4-11.oe2203.noarch.rpm",
        "cloud-init-21.4-11.oe2203.noarch.rpm",
        "cloud-init-help-21.4-14.oe2203sp1.noarch.rpm",
        "cloud-init-21.4-14.oe2203sp1.noarch.rpm"
    ],
    "src": [
        "cloud-init-21.4-11.oe2203.src.rpm",
        "cloud-init-21.4-14.oe2203sp1.src.rpm"
    ]
}

openEuler:22.03-LTS-SP1 / cloud-init

Package

Name: cloud-init
Purl: pkg:rpm/openEuler/cloud-init&distro=openEuler-22.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

21.4-14.oe2203sp1

Ecosystem specific

{
    "noarch": [
        "cloud-init-help-21.4-14.oe2203sp1.noarch.rpm",
        "cloud-init-21.4-14.oe2203sp1.noarch.rpm"
    ],
    "src": [
        "cloud-init-21.4-14.oe2203sp1.src.rpm"
    ]
}