8 matches found
EUVD-2021-1091
Malware in sbrugna...
CVE-2019-19316
When using the Azure backend with a shared access signature SAS, Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP...
OPENSUSE-SU-2025:0091-1 Security update for restic
This update for restic fixes the following issues: - Fixed CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 boo1239264 - Update to version 0.17.3 - Fix 4971: Fix unusable mount on macOS Sonoma - Fix 5003: Fix metadata errors during...
SUSE CVE-2011-3649
Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D aka D2D API is used on Windows in conjunction with the Azure graphics back-end, allow remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas. NOTE:...
SUSE CVE-2019-19316
When using the Azure backend with a shared access signature SAS, Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP...
Use of a Broken or Risky Cryptographic Algorithm in Terraform
When using the Azure backend with a shared access signature SAS, Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP. Specific Go Packages Affected github.com/hashicorp/terraform/backend/remote-state/azure...
CVE-2019-19316
When using the Azure backend with a shared access signature SAS, Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP...
PT-2019-15807 · Hashicorp +1 · Terraform +1
Name of the Vulnerable Software and Affected Versions: Terraform versions prior to 0.12.17 Description: The issue concerns the transmission of sensitive data in cleartext HTTP when using the Azure backend with a shared access signature SAS in Terraform. This affects the...