Vulnerabilities

All ecosystems 714903 AlmaLinux 5081 Alpaquita 10222 Alpine 4283 Android 3402 Azure Linux 12016 BellSoft Hardened Containers 521 Bitnami 8141 Chainguard 7176 CleanStart 1505 CRAN 14 crates.io 2487 Debian 58470 Echo 5514 GHC 3 GIT 81697 GitHub Actions 54 Go 7194 Hackage 32 Hex 142 Julia 950 Linux 15361 Mageia 6002 Maven 6599 MinimOS 74883 npm 220846 NuGet 1731 opam 18 openEuler 7054 openSUSE 13132 OSS-Fuzz 3934 Packagist 6553 Pub 11 PyPI 20274 Red Hat 20752 Rocky Linux 3469 Root 16016 RubyGems 2000 SUSE 20911 SwiftURL 58 TuxCare 5651 Ubuntu 56035 VSCode 20 Wolfi 4689

GHSA-wcmj-x466-56mm

Go/github.com/opentofu/opentofu

OpenTofu: Provider cache installation follows root-module-controlled package directory symlink and writes outside the working tree

yesterday

Fix available
Severity - 6.1 (Medium)