📦 Cloud Init

Cloud-init grants root access to a hardcoded URL with a local IP address when detecting a non-x86 platform. This vulnerability affects systems using cloud-init on non-x86 architectures (like ARM, Powe...

CVE-2024-11584 is a privilege escalation vulnerability in cloud-init where the default world-writable permissions on a systemd socket allow unprivileged users to trigger hotplug-hook commands. This af...