12 matches found
CVE-2026-25499 terraform-provider-proxmox has insecure sudo recommendation in the documentation
Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been...
CVE-2026-25499
CVE-2026-25499 affects the Terraform/OpenTofu Provider for Proxmox. Before version 0.93.1, SSH configuration documentation suggested an insecure sudoer line that could allow escaping the working directory via ../, enabling modification of arbitrary files on the system. This vulnerability has been...
CVE-2026-25499 terraform-provider-proxmox has insecure sudo recommendation in the documentation
Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been...
EUVD-2024-3002
Malicious code in bioql PyPI...
SUSE CVE-2024-9486
A security issue was discovered in the Kubernetes Image Builder versions = v0.1.37 where default credentials are enabled during the image build process. Virtual machine images built using the Proxmox provider do not disable these default credentials, and nodes using the resulting images may be...
GO-2024-3203 VM images built with Image Builder and Proxmox provider use default credentials in github.com/kubernetes-sigs/image-builder
VM images built with Image Builder and Proxmox provider use default credentials in github.com/kubernetes-sigs/image-builder...
GHSA-9224-GGVW-WH7V VM images built with Image Builder and Proxmox provider use default credentials in github.com/kubernetes-sigs/image-builder
A security issue was discovered in the Kubernetes Image Builder versions = v0.1.37 where default credentials are enabled during the image build process. Virtual machine images built using the Proxmox provider do not disable these default credentials, and nodes using the resulting images may be...
CVE-2024-9486
A security issue was discovered in the Kubernetes Image Builder versions = v0.1.37 where default credentials are enabled during the image build process. Virtual machine images built using the Proxmox provider do not disable these default credentials, and nodes using the resulting images may be...
UBUNTU-CVE-2024-9486
A security issue was discovered in the Kubernetes Image Builder versions = v0.1.37 where default credentials are enabled during the image build process. Virtual machine images built using the Proxmox provider do not disable these default credentials, and nodes using the resulting images may be...
CVE-2024-9486 VM images built with Image Builder and Proxmox provider use default credentials
A security issue was discovered in the Kubernetes Image Builder versions = v0.1.37 where default credentials are enabled during the image build process. Virtual machine images built using the Proxmox provider do not disable these default credentials, and nodes using the resulting images may be...
CVE-2024-9486 VM images built with Image Builder and Proxmox provider use default credentials
A security issue was discovered in the Kubernetes Image Builder versions = v0.1.37 where default credentials are enabled during the image build process. Virtual machine images built using the Proxmox provider do not disable these default credentials, and nodes using the resulting images may be...
PT-2024-6906
Name of the Vulnerable Software and Affected Versions Kubernetes Image Builder versions = v0.1.37 Description A security issue was discovered in the Kubernetes Image Builder where default credentials are enabled during the image build process. Virtual machine images built using the Proxmox provid...