CLEANSTART-2026-GU55430

See a problem?
Import Source
https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-GU55430.json
JSON Data
https://api.osv.dev/v1/vulns/CLEANSTART-2026-GU55430
Upstream
  • CVE-2026-25679
  • CVE-2026-27139
  • CVE-2026-27142
  • ghsa-2464-8j7c-4cjm
  • ghsa-2x5j-vhc8-9cwm
  • ghsa-6v2p-p543-phr9
  • ghsa-9h8m-3fm2-qjrq
  • ghsa-c6gw-w398-hv78
  • ghsa-fv92-fjc5-jj9h
  • ghsa-hcg3-q754-cr77
  • ghsa-jc7w-c686-c4v9
  • ghsa-mh63-6h87-95cp
  • ghsa-qxp5-gwg8-xv66
  • ghsa-vvgc-356p-c3xw
  • ghsa-wjrx-6529-hcj3
Published
2026-04-01T09:37:53.639715Z
Modified
2026-04-01T18:47:39.499394Z
Summary
Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-9h8m-3fm2-qjrq, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.9.4-r0, 1.9.4-r1, 1.9.4-r2, 1.9.4-r3
Details

Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details.

References

Affected packages

CleanStart / opentofu-fips

Package

Name
opentofu-fips

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.9.4-r3

Database specific

source 
"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-GU55430.json"