4 matches found
EUVD-2022-5084
Malicious code in bioql PyPI...
Design/Logic Flaw
aws/resourceawsiamuserloginprofile.go in the HashiCorp Terraform Amazon Web Services AWS provider through v1.12.0 has an inappropriate PRNG algorithm and seeding, which makes it easier for remote attackers to obtain access by leveraging an IAM account that was provisioned with a weak password...
CVE-2018-9057
aws/resourceawsiamuserloginprofile.go in the HashiCorp Terraform Amazon Web Services AWS provider through v1.12.0 has an inappropriate PRNG algorithm and seeding, which makes it easier for remote attackers to obtain access by leveraging an IAM account that was provisioned with a weak password...
CVE-2018-9057
aws/resourceawsiamuserloginprofile.go in the HashiCorp Terraform Amazon Web Services AWS provider through v1.12.0 has an inappropriate PRNG algorithm and seeding, which makes it easier for remote attackers to obtain access by leveraging an IAM account that was provisioned with a weak password...