CVE-2023-30618

Kitchen-Terraform provides a set of Test Kitchen plugins which enable the use of Test Kitchen to converge a Terraform configuration and verify the resulting infrastructure systems with InSpec controls. Kitchen-Terraform v7.0.0 introduced a regression which caused all Terraform output values,...

Design/Logic Flaw

Kitchen-Terraform provides a set of Test Kitchen plugins which enable the use of Test Kitchen to converge a Terraform configuration and verify the resulting infrastructure systems with InSpec controls. Kitchen-Terraform v7.0.0 introduced a regression which caused all Terraform output values,...

CVE-2023-30618

The CVE-2023-30618 issue affects Kitchen-Terraform, where v7.0.0 regressed to print all Terraform output values, including sensitive ones, at the info level during kitchen converge. This is a local-access disclosure risk, since logs on the attacker’s host could contain sensitive data. Affected co...

CVE-2023-30618 Sensitive Terraform Output Values Printed At Info Logging Level In Kitchen-Terraform

Kitchen-Terraform provides a set of Test Kitchen plugins which enable the use of Test Kitchen to converge a Terraform configuration and verify the resulting infrastructure systems with InSpec controls. Kitchen-Terraform v7.0.0 introduced a regression which caused all Terraform output values,...

CVE-2023-30618 Sensitive Terraform Output Values Printed At Info Logging Level In Kitchen-Terraform

Kitchen-Terraform provides a set of Test Kitchen plugins which enable the use of Test Kitchen to converge a Terraform configuration and verify the resulting infrastructure systems with InSpec controls. Kitchen-Terraform v7.0.0 introduced a regression which caused all Terraform output values,...

Friday Squid Blogging: Linguine allo Scoglio Recipe

Delicious seafood pasta dish -- includes squid -- from Americas Test Kitchen. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...