CVE-2024-56802

N/A Unknown
Published: December 31, 2024 Modified: April 15, 2026
View on NVD

Description

Tapir is a private Terraform registry. Tapir versions 0.9.0 and 0.9.1 are facing a critical issue with scope-able Deploykeys where attackers can guess the key to get write access to the registry. User must upgrade to 0.9.2.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/PacoVK/tapir/commit/c36360b611fa0ba4f5e250fa43ecf8a294785a03
Source: security-advisories@github.com
https://github.com/PacoVK/tapir/security/advisories/GHSA-rj9m-qf65-f5gg
Source: security-advisories@github.com

2 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.1%
31th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-285

Related CVEs

CVE-2026-6848 5.4
CVE-2026-33601 4.4
CVE-2026-33600 4.4
CVE-2026-33262 5.9
CVE-2026-33261 5.9