4 matches found
CVE-2025-41737
Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source of php modules...
CVE-2025-41737 Improper access control via php endpoint
Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source of php modules...
OpenTofu potential leaking of secret variable values when using static evaluation in v1.8
Impact Users who have opted into static evaluation of module sources, versions, and backend configurations may be at risk of exposing sensitive variables and locals. This is a workflow that should not be possible and explicitly show errors. Workarounds Check that you are not using sensitive...
GHSA-WPR2-J6GR-PJW9 OpenTofu potential leaking of secret variable values when using static evaluation in v1.8
Impact Users who have opted into static evaluation of module sources, versions, and backend configurations may be at risk of exposing sensitive variables and locals. This is a workflow that should not be possible and explicitly show errors. Workarounds Check that you are not using sensitive...