Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
terraform-provider-proxmox has insecure sudo recommendation in the documentation
Vulnerability Description
Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been patched in version 0.93.1.
CVSS Information
N/A
Vulnerability Type
不安全的默认资源初始化
Vulnerability Title
Terraform / OpenTofu Provider for Proxmox VE 安全漏洞
Vulnerability Description
Terraform / OpenTofu Provider for Proxmox VE是Pavel Boldyrev个人开发者的一个软件。 Terraform / OpenTofu Provider for Proxmox VE 0.93.1之前版本存在安全漏洞,该漏洞源于SSH配置文档中的sudoer行不安全,可能导致路径遍历和编辑任意文件。
CVSS Information
N/A
Vulnerability Type
N/A