VYPR
High severityNVD Advisory· Published Dec 2, 2019· Updated Aug 5, 2024

CVE-2019-19316

CVE-2019-19316

Description

When using the Azure backend with a shared access signature (SAS), Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/hashicorp/terraformGo
< 0.12.170.12.17

Affected products

17

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.