Lucene search
K

427 matches found

Wolfi
Wolfi
added 2026/04/24 1:58 a.m.9 views

CVE-2026-39388 vulnerabilities

Vulnerabilities for packages: openbao...

3.1CVSS5.7AI score0.00101EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/24 1:17 a.m.7 views

CVE-2026-40264 vulnerabilities

Vulnerabilities for packages: openbao...

2.7CVSS5.7AI score0.00301EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/24 1:17 a.m.10 views

CVE-2026-39946 vulnerabilities

Vulnerabilities for packages: openbao...

4.9CVSS5.7AI score0.00235EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/24 1:17 a.m.9 views

GHSA-R65V-XGWC-G56J vulnerabilities

Vulnerabilities for packages: openbao...

5.7AI score
Exploits0
Chainguard
Chainguard
added 2026/04/24 1:17 a.m.7 views

GHSA-P49J-V9WC-WG57 vulnerabilities

Vulnerabilities for packages: openbao...

5.7AI score
Exploits0
Chainguard
Chainguard
added 2026/04/24 1:17 a.m.7 views

GHSA-6VGR-CP5C-FFX3 vulnerabilities

Vulnerabilities for packages: openbao...

5.7AI score
Exploits0
Chainguard
Chainguard
added 2026/04/24 1:17 a.m.9 views

CVE-2026-39396 vulnerabilities

Vulnerabilities for packages: openbao...

6.5CVSS5.7AI score0.00218EPSS
Exploits1
Chainguard
Chainguard
added 2026/04/24 1:17 a.m.9 views

GHSA-7CCV-RP6M-RFFR vulnerabilities

Vulnerabilities for packages: openbao...

5.7AI score
Exploits0
Chainguard
Chainguard
added 2026/04/24 1:17 a.m.9 views

CVE-2026-39388 vulnerabilities

Vulnerabilities for packages: openbao...

3.1CVSS5.7AI score0.00101EPSS
Exploits0
OSV
OSV
added 2026/04/21 6:27 p.m.2 views

GHSA-P49J-V9WC-WG57 OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation

Impact OpenBao's namespaces provide multi-tenant separation. A tenant who leaks token accessors can have their token revoked or renewed by a privileged administrator in another tenant. Patches This was addressed in v2.5.3...

2CVSS5.8AI score0.00301EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/21 6:26 p.m.6 views

EUVD-2026-24035

OpenBao's SQL Injection in PostgreSQL database secrets engine...

4.6CVSS5.8AI score0.00235EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/21 6:26 p.m.10 views

OpenBao's SQL Injection in PostgreSQL database secrets engine

Impact When OpenBao revoked privileges on a role in the PostgreSQL database secrets engine, OpenBao failed to use proper database quoting on schema names provided by PostgreSQL. This could lead to role revocation failures, or more rarely, SQL injection as the management user. This vulnerability w...

4.9CVSS5.8AI score0.00235EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/04/21 6:26 p.m.7 views

GHSA-6VGR-CP5C-FFX3 OpenBao's SQL Injection in PostgreSQL database secrets engine

Impact When OpenBao revoked privileges on a role in the PostgreSQL database secrets engine, OpenBao failed to use proper database quoting on schema names provided by PostgreSQL. This could lead to role revocation failures, or more rarely, SQL injection as the management user. This vulnerability w...

4.9CVSS5.8AI score0.00235EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/21 6:24 p.m.5 views

EUVD-2026-24031

OpenBao: Decompression Bomb via Unbounded Copy in OCI Plugin Extraction DoS...

3.1CVSS5.7AI score0.00218EPSS
Exploits1References5
OSV
OSV
added 2026/04/21 6:24 p.m.5 views

GHSA-R65V-XGWC-G56J OpenBao: Decompression Bomb via Unbounded Copy in OCI Plugin Extraction (DoS)

Summary ExtractPluginFromImage in OpenBao's OCI plugin downloader extracts a plugin binary from a container image by streaming decompressed tar data via io.Copy with no upper bound on the number of bytes written. An attacker who controls or compromises the OCI registry referenced in the victim's...

3.1CVSS5.8AI score0.00218EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2026/04/21 6:24 p.m.10 views

OpenBao: Decompression Bomb via Unbounded Copy in OCI Plugin Extraction (DoS)

Summary ExtractPluginFromImage in OpenBao's OCI plugin downloader extracts a plugin binary from a container image by streaming decompressed tar data via io.Copy with no upper bound on the number of bytes written. An attacker who controls or compromises the OCI registry referenced in the victim's...

6.5CVSS5.8AI score0.00218EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2026/04/21 5:26 p.m.5 views

EUVD-2026-24029

OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate...

2CVSS5.7AI score0.00101EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/21 5:26 p.m.11 views

OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate

Background OpenBao's Certificate authentication method, when a token renewal is requested and disablebinding=true is set, attempts to verify the current request's presented mTLS certificate matches the original. Token renewals for other authentication methods do not require any supplied login...

3.1CVSS5.6AI score0.00101EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/21 12:50 p.m.7 views

CVE-2026-39396

A flaw was found in OpenBao. An attacker who controls or compromises the Open Container Initiative OCI registry can exploit a vulnerability in OpenBao's OCI plugin downloader. By serving a specially crafted container image, the attacker can cause the system to decompress an arbitrarily large file...

6.5CVSS5.7AI score0.00218EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/21 12:50 p.m.6 views

CVE-2026-40264

A flaw was found in OpenBao. OpenBao's multi-tenant separation feature allows a privileged administrator in one tenant to revoke or renew a token belonging to another tenant if that token's accessors are leaked. This unauthorized token management could lead to a denial of service for the affected...

2.7CVSS5.7AI score0.00301EPSS
Exploits0References2
Rows per page
Query Builder