12 matches found
CBL Mariner 2.0 Security Update: packer / terraform (CVE-2023-0475)
The version of packer / terraform installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0475 advisory. - HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 an...
CVE-2023-0475 affecting package terraform for versions less than 1.3.2-22
CVE-2023-0475 affecting package terraform for versions less than 1.3.2-22. A patched version of the package is available...
CVE-2023-0475 affecting package k3s 1.24.12-2
CVE-2023-0475 affecting package k3s 1.24.12-2. This CVE either no longer is or was never applicable...
SUSE CVE-2023-0475
HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0...
CVE-2023-0475 affecting package packer for versions less than 1.8.7-1
CVE-2023-0475 affecting package packer for versions less than 1.8.7-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-0475
A flaw was found in the HashiCorp go-getter package. Affected versions of the HashiCorp go-getter package are vulnerable to a denial of service via a malicious compressed archive...
AZL-13586 CVE-2023-0475 affecting package packer for versions less than 1.8.7-1
HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0...
CVE-2023-0475
HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0...
CVE-2023-0475
CVE-2023-0475 affects HashiCorp go-getter versions up to 1.6.2 and 2.1.1. The flaw is a decompression-bomb vulnerability arising from improper handling of highly compressed data, allowing crafted archives to crash the library. Remediation: upgrade to 1.7.0 (or 2.2.0) where fixed. Connected docume...
CVE-2023-0475 Go-Getter Vulnerable to Decompression Bombs
HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0...
CVE-2023-0475 Go-Getter Vulnerable to Decompression Bombs
HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0...
CVE-2023-0475 Go-Getter Vulnerable to Decompression Bombs
HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0...