427 matches found
GHSA-VV66-6RP4-WR4F OpenBao's Namespace Deletion May Not Delete Data Properly
Impact When OpenBao's initial namespace deletion fails, subsequent retries fail to properly remove all data before marking the namespace as deleted. This can affect any outstanding leases as well as potentially leaving unrelated storage entries around. Patches This will be patched in OpenBao...
OpenBao's Namespace Deletion May Not Delete Data Properly
Impact When OpenBao's initial namespace deletion fails, subsequent retries fail to properly remove all data before marking the namespace as deleted. This can affect any outstanding leases as well as potentially leaving unrelated storage entries around. Patches This will be patched in OpenBao...
[SECURITY] Fedora 44 Update: openbao-2.5.3-1.fc44
Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...
[SECURITY] Fedora 43 Update: openbao-2.5.3-1.fc43
Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...
[SECURITY] Fedora 42 Update: openbao-2.5.3-1.fc42
Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...
Fedora 44 : openbao (2026-c7450bfed6)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c7450bfed6 advisory. Update to upstream 2.5.3, fix CVE-2026-34986, CVE-2026-39388, CVE-2026-39396, CVE-2026-40264 Tenable has extracted the preceding description block...
Fedora 42 : openbao (2026-c008e6a5da)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c008e6a5da advisory. Update to upstream 2.5.3, fix CVE-2026-34986, CVE-2026-39388, CVE-2026-39396, CVE-2026-40264 Tenable has extracted the preceding description block...
Fedora 43 : openbao (2026-41918b2b57)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-41918b2b57 advisory. Update to upstream 2.5.3, fix CVE-2026-34986, CVE-2026-39388, CVE-2026-39396, CVE-2026-40264 Tenable has extracted the preceding description block...
CLEANSTART-2026-WB89098 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Multiple security vulnerabilities affect the openbao-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details...
Fedora 44 : openbao (2026-bb074cb239)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-bb074cb239 advisory. Update to upstream 2.5.2, including fixes for CVE-2026-33757 and CVE-2026-33758 Tenable has extracted the preceding description block directly from...
[SECURITY] Fedora 44 Update: openbao-2.5.2-1.fc44
Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...
GHSA-PJCQ-XVWQ-HHPJ vulnerabilities
Vulnerabilities for packages: cert-manager-istio-csr, nuclei, sftpgo-plugin-auth, flux-source-controller, telegraf, rancher-webhook, seaweedfs, harbor, kyverno-notation-aws, terraform, minio, rancher-agent, opentofu, trufflehog, xeol, bento, rancher, ratify, spqr, flux, kyverno, k6, grafana,...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: cert-manager-istio-csr, nuclei, sftpgo-plugin-auth, flux-source-controller, telegraf, rancher-webhook, seaweedfs, harbor, kyverno-notation-aws, terraform, minio, rancher-agent, opentofu, trufflehog, xeol, bento, rancher, ratify, spqr, flux, kyverno, k6, grafana,...
GHSA-7CCV-RP6M-RFFR vulnerabilities
Vulnerabilities for packages: openbao...
CVE-2026-39946 vulnerabilities
Vulnerabilities for packages: openbao...
CVE-2026-39396 vulnerabilities
Vulnerabilities for packages: openbao...
GHSA-R65V-XGWC-G56J vulnerabilities
Vulnerabilities for packages: openbao...
CVE-2026-40264 vulnerabilities
Vulnerabilities for packages: openbao...
GHSA-6VGR-CP5C-FFX3 vulnerabilities
Vulnerabilities for packages: openbao...
GHSA-P49J-V9WC-WG57 vulnerabilities
Vulnerabilities for packages: openbao...