427 matches found
CVE-2026-39388 vulnerabilities
Vulnerabilities for packages: openbao...
CVE-2026-40264 vulnerabilities
Vulnerabilities for packages: openbao...
CVE-2026-39946 vulnerabilities
Vulnerabilities for packages: openbao...
GHSA-R65V-XGWC-G56J vulnerabilities
Vulnerabilities for packages: openbao...
GHSA-P49J-V9WC-WG57 vulnerabilities
Vulnerabilities for packages: openbao...
GHSA-6VGR-CP5C-FFX3 vulnerabilities
Vulnerabilities for packages: openbao...
CVE-2026-39396 vulnerabilities
Vulnerabilities for packages: openbao...
GHSA-7CCV-RP6M-RFFR vulnerabilities
Vulnerabilities for packages: openbao...
CVE-2026-39388 vulnerabilities
Vulnerabilities for packages: openbao...
GHSA-P49J-V9WC-WG57 OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation
Impact OpenBao's namespaces provide multi-tenant separation. A tenant who leaks token accessors can have their token revoked or renewed by a privileged administrator in another tenant. Patches This was addressed in v2.5.3...
EUVD-2026-24035
OpenBao's SQL Injection in PostgreSQL database secrets engine...
OpenBao's SQL Injection in PostgreSQL database secrets engine
Impact When OpenBao revoked privileges on a role in the PostgreSQL database secrets engine, OpenBao failed to use proper database quoting on schema names provided by PostgreSQL. This could lead to role revocation failures, or more rarely, SQL injection as the management user. This vulnerability w...
GHSA-6VGR-CP5C-FFX3 OpenBao's SQL Injection in PostgreSQL database secrets engine
Impact When OpenBao revoked privileges on a role in the PostgreSQL database secrets engine, OpenBao failed to use proper database quoting on schema names provided by PostgreSQL. This could lead to role revocation failures, or more rarely, SQL injection as the management user. This vulnerability w...
EUVD-2026-24031
OpenBao: Decompression Bomb via Unbounded Copy in OCI Plugin Extraction DoS...
GHSA-R65V-XGWC-G56J OpenBao: Decompression Bomb via Unbounded Copy in OCI Plugin Extraction (DoS)
Summary ExtractPluginFromImage in OpenBao's OCI plugin downloader extracts a plugin binary from a container image by streaming decompressed tar data via io.Copy with no upper bound on the number of bytes written. An attacker who controls or compromises the OCI registry referenced in the victim's...
OpenBao: Decompression Bomb via Unbounded Copy in OCI Plugin Extraction (DoS)
Summary ExtractPluginFromImage in OpenBao's OCI plugin downloader extracts a plugin binary from a container image by streaming decompressed tar data via io.Copy with no upper bound on the number of bytes written. An attacker who controls or compromises the OCI registry referenced in the victim's...
EUVD-2026-24029
OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate...
OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate
Background OpenBao's Certificate authentication method, when a token renewal is requested and disablebinding=true is set, attempts to verify the current request's presented mTLS certificate matches the original. Token renewals for other authentication methods do not require any supplied login...
CVE-2026-39396
A flaw was found in OpenBao. An attacker who controls or compromises the Open Container Initiative OCI registry can exploit a vulnerability in OpenBao's OCI plugin downloader. By serving a specially crafted container image, the attacker can cause the system to decompress an arbitrarily large file...
CVE-2026-40264
A flaw was found in OpenBao. OpenBao's multi-tenant separation feature allows a privileged administrator in one tenant to revoke or renew a token belonging to another tenant if that token's accessors are leaked. This unauthorized token management could lead to a denial of service for the affected...