kitchen-terraform 7.0.0
Sensitive Terraform Output Values Printed At Info Logging Level In Kitchen-Terraform
low severity CVE-2023-30618>= 7.0.1
< 7.0.0
Summary
Kitchen-Terraform v7.0.0 introduced a regression which caused all
Terraform output values, including sensitive values, to be printed
at the info
logging level during the kitchen converge
action.
Prior to v7.0.0, the output values were printed at the debug
level
to avoid writing sensitive values to the terminal by default.
Original Report
@brettcurtis: Hopefully, I'm not doing something stupid here, but I'm seeing sensitive outputs printed in the kitchen output. You can check this action for an example: https://github.com/osinfra-io/terraform-google-project/actions/runs/4700065515/jobs/8334277309#step:5:215
It's not really a sensitive value just used it as an example.
No officially reported memory leakage issues detected.
This gem version does not have any officially reported memory leaked issues.
No license issues detected.
This gem version has a license in the gemspec.
This gem version is available.
This gem version has not been yanked and is still available for usage.