漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Tapir allows DeployKey exposure
Vulnerability Description
Tapir is a private Terraform registry. Tapir versions 0.9.0 and 0.9.1 are facing a critical issue with scope-able Deploykeys where attackers can guess the key to get write access to the registry. User must upgrade to 0.9.2.
CVSS Information
N/A
Vulnerability Type
授权机制不恰当
Vulnerability Title
Tapir 授权问题漏洞
Vulnerability Description
Tapir是PacoVK个人开发者的一个私有 Terraform 注册表。 Tapir 0.9.0版本和0.9.1版本存在授权问题漏洞。攻击者利用该漏洞可以猜测密钥以获取对注册表的写访问权限。
CVSS Information
N/A
Vulnerability Type
N/A