—
GO-2026-5441
OpenTofu has unbounded memory usage, high CPU usage, or deadlock in "tofu init" with maliciously-crafted dependency responses in github.com/opentofu/opentofu
상세
OpenTofu has unbounded memory usage, high CPU usage, or deadlock in "tofu init" with maliciously-crafted dependency responses in github.com/opentofu/opentofu
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
Go / github.com/opentofu/opentofu
최초 영향 버전:
0 수정 버전: 1.11.6 수정
go get github.com/opentofu/opentofu@v1.11.6 참고
- https://github.com/opentofu/opentofu/security/advisories/GHSA-hw5x-4r37-72w7 [ADVISORY]
- https://github.com/opentofu/opentofu/pull/3966 [FIX]
- https://github.com/opentofu/opentofu/issues/4029 [REPORT]
- https://github.com/opentofu/opentofu/issues/4030 [REPORT]
- https://github.com/opentofu/opentofu/issues/4031 [REPORT]
- https://github.com/opentofu/opentofu/issues/4032 [REPORT]
- https://github.com/opentofu/opentofu/releases/tag/v1.11.6 [WEB]