7 matches found
FreeBSD : Gitlab -- vulnerabilities (4530fc9f-cb47-11f0-85d8-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 4530fc9f-cb47-11f0-85d8-2cf05da270f3 advisory. Gitlab reports: Race condition issue in CI/CD cache impacts GitLab CE/EE Denial of Service iss...
CVE-2024-56802
Tapir is a private Terraform registry. Tapir versions 0.9.0 and 0.9.1 are facing a critical issue with scope-able Deploykeys where attackers can guess the key to get write access to the registry. User must upgrade to 0.9.2...
CVE-2024-56802 Tapir allows DeployKey exposure
Tapir is a private Terraform registry. Tapir versions 0.9.0 and 0.9.1 are facing a critical issue with scope-able Deploykeys where attackers can guess the key to get write access to the registry. User must upgrade to 0.9.2...
CVE-2024-56802
Tapir (private Terraform registry) exposed a vulnerability in versions 0.9.0 and 0.9.1 where scope-able Deploykeys could be guessed, granting write access to the registry. Root cause: deployment keys with insufficient entropy/validation allowed unauthorized write capabilities. Impact: potential u...
At Kong Summit 2022, Imperva Will Demonstrate how to Use Terraform to Onboard Kong-managed Apps and Discover API Endpoints
Imperva and Kong are working together to simplify APIs Imperva is attending Kong’s 2022 Summit on September 28 and 29 in San Francisco. Imperva’s Summit booth will feature both a recorded and live demo built to showcase how Kong and Imperva seamlessly integrate using Terraform. Imperva, a...
default search paths use Terraform Registry for custom providers in Terraform version 0.15.3
In Hashicorp Terraform version 0.15.3 the default search paths use Terraform Registry for custom providers if they exist in the terraform plan which can be attacked via code processed by the CI/CD pipeline using "terraform plan" resulting in Remote code Execution, exfiltration of environmental...
GSD-2021-1000188 default search paths use Terraform Registry for custom providers in Terraform version 0.15.3
In Hashicorp Terraform version 0.15.3 the default search paths use Terraform Registry for custom providers if they exist in the terraform plan which can be attacked via code processed by the CI/CD pipeline using "terraform plan" resulting in Remote code Execution, exfiltration of environmental...