Vulnerabilities > Canonical > Cloud Init > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-25 | CVE-2012-6639 | Improper Privilege Management vulnerability in multiple products An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data. | 8.8 |
| 2018-08-01 | CVE-2018-10896 | Unspecified vulnerability in Canonical Cloud-Init The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0", disabling cloud-init's deletion of ssh host keys. | 7.1 |