CLEANSTART-2026-CK35256

See a problem?
Import Source
https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-CK35256.json
JSON Data
https://api.osv.dev/v1/vulns/CLEANSTART-2026-CK35256
Upstream
  • GHSA-2464-8J7C-4CJM
  • GHSA-2X5J-VHC8-9CWM
  • GHSA-6V2P-P543-PHR9
  • GHSA-C6GW-W398-HV78
  • GHSA-FV92-FJC5-JJ9H
  • GHSA-HCG3-Q754-CR77
  • GHSA-JC7W-C686-C4V9
  • GHSA-MH63-6H87-95CP
  • GHSA-QXP5-GWG8-XV66
  • GHSA-VVGC-356P-C3XW
  • GHSA-WJRX-6529-HCJ3
Published
2026-01-30T17:21:56.458213Z
Modified
2026-04-02T09:01:29.424840701Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Within HostnameError
Details

Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.

References

Affected packages

CleanStart / opentofu-fips

Package

Name
opentofu-fips

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.9.4-r0

Database specific

source 
"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-CK35256.json"