VYPR
High severityOSV Advisory· Published Dec 31, 2024· Updated Apr 15, 2026

CVE-2024-56802

CVE-2024-56802

Description

Tapir is a private Terraform registry. Tapir versions 0.9.0 and 0.9.1 are facing a critical issue with scope-able Deploykeys where attackers can guess the key to get write access to the registry. User must upgrade to 0.9.2.

Affected products

2
  • Pacovk/TapirOSV2 versions
    0.9.0, 0.9.1+ 1 more
    • (no CPE)range: 0.9.0, 0.9.1
    • (no CPE)range: >= 0.9.0 <= 0.9.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.