A security issue has been found in terraform-provider-windns
before version 1.0.5
. The windns_record
resource did not santize the input variables. This can lead to authenticated command injection in the underlyding powershell command prompt.
83ef736 (fix: better input validation)
v1.0.5
{ "nvd_published_at": "2025-05-06T17:16:12Z", "cwe_ids": [ "CWE-77" ], "severity": "LOW", "github_reviewed": true, "github_reviewed_at": "2025-05-06T16:38:44Z" }