CVE-2019-19316

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2019-19316

Severity

Unknown

Description

When using the Azure backend with a shared access signature (SAS), Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP.

References

https://images.chainguard.dev/security/CGA-7hjf-wfrp-789v
https://github.com/advisories/GHSA-h3p9-wrgx-82cm
https://images.chainguard.dev/security/CGA-8cmc-f9rv-4m8w
https://images.chainguard.dev/security/CGA-8f8p-9hrp-c8xm
https://images.chainguard.dev/security/CGA-224v-j292-29fc
https://github.com/hashicorp/terraform/security/advisories/GHSA-4rvg-555h-r626

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CVE-2019-19316

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources