99 matches found
GHSA-PXH5-6RRC-8RJV vulnerabilities
Vulnerabilities for packages: opentofu...
GHSA-PXH5-6RRC-8RJV vulnerabilities
Vulnerabilities for packages: opentofu-fips, opentofu...
GHSA-PXH5-6RRC-8RJV OpenTofu: Excessive resource usage in "tofu init" when installing dependencies from attacker-controlled server
Impact: Unauthenticated denial of service. Summary: When installing provider or module packages from attacker-controlled servers, the server may cause tofu init to enter an infinite loop sending garbage data to that server. Those who depend on modules or providers served from untrusted third-party...
OpenTofu: Excessive resource usage in "tofu init" when installing dependencies from attacker-controlled server
Impact: Unauthenticated denial of service. Summary: When installing provider or module packages from attacker-controlled servers, the server may cause tofu init to enter an infinite loop sending garbage data to that server. Those who depend on modules or providers served from untrusted third-party...
CLEANSTART-2026-CN84623 Within HostnameError
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details...
CLEANSTART-2026-GY48351 Within HostnameError
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details...
CLEANSTART-2026-MI12470 Within HostnameError
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details...
CLEANSTART-2026-SO13464 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Multiple security vulnerabilities affect the opentofu-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details...
GHSA-PJCQ-XVWQ-HHPJ vulnerabilities
Vulnerabilities for packages: yunikorn-k8shim, gitlab-runner, gitea, cert-manager, openbao, external-secrets-operator, grafana, ratify, cert-manager-istio-csr, teleport, nuclei, rancher, dex, rancher-webhook, cert-manager-cmctl, cert-manager-csi-driver, xeol, kyverno-notation-aws,...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: yunikorn-k8shim, gitlab-runner, gitea, cert-manager, openbao, external-secrets-operator, grafana, ratify, cert-manager-istio-csr, teleport, nuclei, rancher, dex, rancher-webhook, cert-manager-cmctl, cert-manager-csi-driver, xeol, kyverno-notation-aws,...
OpenTofu has unbounded memory usage, high CPU usage, or deadlock in "tofu init" with maliciously-crafted dependency responses
Impact: Unauthenticated denial of service. Summary: When installing module packages from attacker-controlled sources, tofu init may use unbounded memory, cause high CPU usage, or deadlock when encountering maliciously-crafted TLS certificate chains or tar archives. Those who depend on modules or...
CVE-2026-4660 vulnerabilities
Vulnerabilities for packages: kots, steampipe, zarf, syft, kubescape, snyk-cli, wolfictl, conftest, tfsec, grype, task, trivy-operator, trivy, xeol, terraform, tflint, zot, opentofu, k9s, terragrunt...
GHSA-92MM-2PJQ-R785 vulnerabilities
Vulnerabilities for packages: kots, steampipe, zarf, syft, kubescape, snyk-cli, wolfictl, conftest, tfsec, grype, task, trivy-operator, trivy, xeol, terraform, tflint, zot, opentofu, k9s, terragrunt...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: yunikorn-k8shim, crossplane-provider-sql, cadvisor, sriov-network-device-plugin, spire-server, kubescape, dgraph, temporal, terraform-provider-sendgrid, fscrypt, kuma, witness, docker-credential-gcr, vault-secrets-webhook, rancher-helm, external-secrets-operator,...
CVE-2026-39882 vulnerabilities
Vulnerabilities for packages: envoy-ratelimit-fips, opentofu, opa-envoy, grafana-mimir, knative-net-istio-fips, tempo-fips, gatekeeper, cerbos, aws-otel-collector, bento-fips, dagger, distribution-fips, docker-compose, kubescape-operator, kubescape-operator-fips, gitlab-cng, falcosidekick-fips,...
GHSA-W8RR-5GCM-PP58 vulnerabilities
Vulnerabilities for packages: envoy-ratelimit-fips, opentofu, opa-envoy, grafana-mimir, knative-net-istio-fips, tempo-fips, gatekeeper, cerbos, aws-otel-collector, bento-fips, dagger, distribution-fips, docker-compose, kubescape-operator, kubescape-operator-fips, gitlab-cng, falcosidekick-fips,...
CLEANSTART-2026-AD71344 Security fixes for CVE-2024-10005, CVE-2024-10006, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.10.7-r1, 1.10.9-r0, 1.10.9-r1, 1.10.9-r2, 1.10.9-r3, 1.9.4-r0
Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-DP35743 Security fixes for CVE-2024-10005, CVE-2024-10006, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-24051, CVE-2026-24515, CVE-2026-25210, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-q9hv-hpm4-hj6x, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.7.10-r0, 1.7.10-r1, 1.7.10-r2, 1.7.10-r3, 1.9.4-r0
Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-OM95908 Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-qxp5-gwg8-xv66, ghsa-r92c-9c7f-3pj8, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.10.7-r1, 1.11.4-r0, 1.11.5-r0, 1.11.5-r1, 1.11.5-r2, 1.9.4-r0
Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-GU55430 Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-9h8m-3fm2-qjrq, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.9.4-r0, 1.9.4-r1, 1.9.4-r2, 1.9.4-r3
Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details...