cloud-init release 20.4.1 is now available. This is a hotfix
release, that contains a single patch to address a security issue in
cloud-init 20.4.
Briefly, for users who provide more than one unique SSH key to
cloud-init and have a shared AuthorizedKeysFile configured in
sshd_config, cloud-init 20.4 started writing all of these keys to such a
file, granting all such keys SSH access as root.
It's worth restating this implication: if you are using the default
AuthorizedKeysFile setting in /etc/ssh/sshd_config, as most will be,
then you are _not_ affected by this issue.