16 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-6257
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp's go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary...
Fedora: Security Advisory (FEDORA-2024-8669c2a944)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (openSUSE-SU-2024:0269-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (openSUSE-SU-2024:0268-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 41 : opentofu (2024-8669c2a944)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-8669c2a944 advisory. Automatic update for opentofu-1.7.3-3.fc41. Changelog Sat Jul 27 2024 Mikel Olasagasti Uranga - 1.7.3-3 - Fix for CVE-2024-6257 CVE-2024-6104...
openSUSE 15 Security Update : trivy (openSUSE-SU-2024:0269-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0269-1 advisory. trivy was updated to fix the following issues: Update to version 0.54.1: fixflag: incorrect behavior for deprected flag --clear-cache backport:...
openSUSE 15 Security Update : trivy (openSUSE-SU-2024:0268-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0268-1 advisory. trivy was updated to fix the following issues: Update to version 0.54.1: fixflag: incorrect behavior for deprected flag --clear-cache backport:...
Fedora 40 : opentofu (2024-c83208238d)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-c83208238d advisory. Update to 1.8.0 ---- Fix for CVE-2024-6257 CVE-2024-6104 CVE-2024-24789 Tenable has extracted the preceding description block directly from the Fedo...
CBL Mariner 2.0 Security Update: terraform (CVE-2024-6257)
The version of terraform installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6257 advisory. - HashiCorp's go-getter library can be coerced into executing Git update on an existing maliciously modified...
CVE-2024-6257 affecting package terraform for versions less than 1.3.2-17
CVE-2024-6257 affecting package terraform for versions less than 1.3.2-17. A patched version of the package is available...
CVE-2024-6257
HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution...
CVE-2024-6257 vulnerabilities
Vulnerabilities for packages: kots, opentofu, zot, terragrunt, conftest-fips, wolfictl, kubescape, grype, trivy-fips, zarf, tfsec, conftest, datadog-agent, k9s, datadog-agent-fips, snyk-cli, terraform, tflint, trivy...
CVE-2024-6257 vulnerabilities
Vulnerabilities for packages: kubescape, tfsec, terragrunt, kots, trivy, conftest, datadog-agent, zot, k9s, wolfictl, zarf, terraform, snyk-cli, tflint, grype...
AZL-42982 CVE-2024-6257 affecting package terraform for versions less than 1.3.2-17
HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution...
CVE-2024-6257
HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution...
CVE-2024-6257 HashiCorp go-getter Vulnerable to Code Execution On Git Update Via Git Config Manipulation
HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution...