Suggestions search

Untriaged

Filter by:

With package: terraform-landscape

Found 3 matching suggestions

View:

Compact

Detailed

Permalink CVE-2023-32550

9.3 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): LOW
Availability impact (A): NONE

created 1 year, 3 months ago

Landscape's Apache server-status is accessible by default

Landscape's server-status page exposed sensitive system information. This data leak included GET requests which contain information to attack and leak further information from the Landscape API.

References

https://bugs.launchpad.net/landscape/+bug/1929037 x_transferredissue-tracking

Affected products

landscape

<19.10.05

Matching in nixpkgs

pkgs.terraform-landscape

Improve Terraform's plan output to be easier to read and understand

nixos-unstable 0.2.1
- nixpkgs-unstable 0.2.1
- nixos-unstable-small 0.2.1

pkgs.ue4demos.landscape_mountains

Unreal Engine 4 Linux demos

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

Package maintainers

@manveru Michael Fellinger <m.fellinger@gmail.com>
@nicknovitski Nick Novitski <nixpkgs@nicknovitski.com>
@mbode Maximilian Bode <maxbode@gmail.com>

Permalink CVE-2023-32549

6.8 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): NONE
Availability impact (A): NONE

created 1 year, 3 months ago

Landscape insecure token generation

Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator.

References

https://bugs.launchpad.net/landscape/+bug/1929034 x_transferredissue-tracking

Affected products

landscape

<19.10.05

Matching in nixpkgs

pkgs.terraform-landscape

Improve Terraform's plan output to be easier to read and understand

nixos-unstable 0.2.1
- nixpkgs-unstable 0.2.1
- nixos-unstable-small 0.2.1

pkgs.ue4demos.landscape_mountains

Unreal Engine 4 Linux demos

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

Package maintainers

@manveru Michael Fellinger <m.fellinger@gmail.com>
@nicknovitski Nick Novitski <nixpkgs@nicknovitski.com>
@mbode Maximilian Bode <maxbode@gmail.com>

Permalink CVE-2023-32551

6.1 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): NONE

created 1 year, 3 months ago

Landscape Open Redirect

Landscape allowed URLs which caused open redirection.

References

https://bugs.launchpad.net/landscape/+bug/1929620 x_transferredissue-tracking

Affected products

landscape

<19.10.05

Matching in nixpkgs

pkgs.terraform-landscape

Improve Terraform's plan output to be easier to read and understand

nixos-unstable 0.2.1
- nixpkgs-unstable 0.2.1
- nixos-unstable-small 0.2.1

pkgs.ue4demos.landscape_mountains

Unreal Engine 4 Linux demos

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

Package maintainers

@manveru Michael Fellinger <m.fellinger@gmail.com>
@nicknovitski Nick Novitski <nixpkgs@nicknovitski.com>
@mbode Maximilian Bode <maxbode@gmail.com>