cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.
CPE | Name | Operator | Version |
---|---|---|---|
cloud-init | le | 19.4 | |
debian_linux | eq | 8.0 | |
leap | eq | 15.1 |