VYPR

apk package

chainguard/terraform-1.7

pkg:apk/chainguard/terraform-1.7

Vulnerabilities (2)

  • CVE-2024-24786HigMar 5, 2024
    affected < 1.7.5-r2fixed 1.7.5-r2

    The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.

  • CVE-2019-19316Dec 2, 2019
    affected < 0fixed 0

    When using the Azure backend with a shared access signature (SAS), Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP.