Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.5 views

FreeBSD : Gitlab -- vulnerabilities (4530fc9f-cb47-11f0-85d8-2cf05da270f3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 4530fc9f-cb47-11f0-85d8-2cf05da270f3 advisory. Gitlab reports: Race condition issue in CI/CD cache impacts GitLab CE/EE Denial of Service iss...

7.7CVSS6.1AI score0.00443EPSS
Exploits0References8
NVD
NVD
added 2024/12/31 4:15 p.m.23 views

CVE-2024-56802

Tapir is a private Terraform registry. Tapir versions 0.9.0 and 0.9.1 are facing a critical issue with scope-able Deploykeys where attackers can guess the key to get write access to the registry. User must upgrade to 0.9.2...

8.7CVSS0.00362EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/31 3:10 p.m.22 views

CVE-2024-56802 Tapir allows DeployKey exposure

Tapir is a private Terraform registry. Tapir versions 0.9.0 and 0.9.1 are facing a critical issue with scope-able Deploykeys where attackers can guess the key to get write access to the registry. User must upgrade to 0.9.2...

8.7CVSS0.00362EPSS
Exploits0References2
CVE
CVE
added 2024/12/31 3:10 p.m.46 views

CVE-2024-56802

Tapir (private Terraform registry) exposed a vulnerability in versions 0.9.0 and 0.9.1 where scope-able Deploykeys could be guessed, granting write access to the registry. Root cause: deployment keys with insufficient entropy/validation allowed unauthorized write capabilities. Impact: potential u...

8.7CVSS6.6AI score0.00362EPSS
Exploits0References2
Imperva Blog
Imperva Blog
added 2022/09/27 1:40 p.m.20 views

At Kong Summit 2022, Imperva Will Demonstrate how to Use Terraform to Onboard Kong-managed Apps and Discover API Endpoints

Imperva and Kong are working together to simplify APIs Imperva is attending Kong’s 2022 Summit on September 28 and 29 in San Francisco. Imperva’s Summit booth will feature both a recorded and live demo built to showcase how Kong and Imperva seamlessly integrate using Terraform. Imperva, a...

0.1AI score
Exploits0
OSV
OSV
added 2021/05/31 3:39 p.m.13 views

default search paths use Terraform Registry for custom providers in Terraform version 0.15.3

In Hashicorp Terraform version 0.15.3 the default search paths use Terraform Registry for custom providers if they exist in the terraform plan which can be attacked via code processed by the CI/CD pipeline using "terraform plan" resulting in Remote code Execution, exfiltration of environmental...

4.5AI score
Exploits0References3
OSV
OSV
added 2021/05/31 3:39 p.m.11 views

GSD-2021-1000188 default search paths use Terraform Registry for custom providers in Terraform version 0.15.3

In Hashicorp Terraform version 0.15.3 the default search paths use Terraform Registry for custom providers if they exist in the terraform plan which can be attacked via code processed by the CI/CD pipeline using "terraform plan" resulting in Remote code Execution, exfiltration of environmental...

7.5AI score
Exploits0References3
Rows per page
Query Builder