4 matches found
GO-2025-4052 OpenBao and Vault Leak []byte Fields in Audit Logs in github.com/openbao/openbao
OpenBao and Vault Leak byte Fields in Audit Logs in github.com/openbao/openbao...
CVE-2025-62705 OpenBao and Vault Leak []byte Fields in Audit Logs
OpenBao is an open source identity-based secrets management system. Prior to version 2.4.2, OpenBao's audit log did not appropriately redact fields when relevant subsystems sent byte response parameters rather than strings. This includes, but is not limited to sys/raw with use of encoding=base64,...
CVE-2025-62705 OpenBao and Vault Leak []byte Fields in Audit Logs
OpenBao is an open source identity-based secrets management system. Prior to version 2.4.2, OpenBao's audit log did not appropriately redact fields when relevant subsystems sent byte response parameters rather than strings. This includes, but is not limited to sys/raw with use of encoding=base64,...
CVE-2025-62705
OpenBao (open-source secret management) before version 2.4.2 could emit unredacted data to audit logs when []byte response parameters were used, including base64-encoded data in sys/raw and public keys during Ed25519 signing in Transit. The CVE IDs CVE-2025-62513 and CVE-2025-62705 have fixes in ...