Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
light_mode
dark_mode
Vulnerabilities
search
All ecosystems
732367
AlmaLinux
5179
Alpaquita
11405
Alpine
4310
Android
3403
Azure Linux
12016
BellSoft Hardened Containers
554
Bitnami
8221
Chainguard
8702
CleanStart
1524
CRAN
14
crates.io
2543
Debian
59473
Echo
6413
GHC
3
GIT
81728
GitHub Actions
54
Go
7948
Hackage
32
Hex
165
Julia
979
Linux
15361
Mageia
6003
Maven
6658
MinimOS
81316
npm
221276
NuGet
1765
opam
18
openEuler
7054
openSUSE
13343
OSS-Fuzz
3951
Packagist
6618
Pub
11
PyPI
20765
Red Hat
20984
Rocky Linux
3538
Root
17178
RubyGems
2008
SUSE
21126
SwiftURL
58
TuxCare
5651
Ubuntu
56902
VSCode
20
Wolfi
6097
ID
Packages
Summary
Published
arrow_upward
Attributes
CLEANSTART-2026-XN15507
CleanStart/opentofu-fips
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
30 Apr
Fix available
Severity - 9.8 (Critical)
CLEANSTART-2026-OM95908
CleanStart/opentofu-fips
Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-qxp5-gwg8-xv66, ghsa-r92c-9c7f-3pj8, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.10.7-r1, 1.11.4-r0, 1.11.5-r0, 1.11.5-r1, 1.11.5-r2, 1.9.4-r0
01 Apr
Fix available
CLEANSTART-2026-GG58376
CleanStart/opentofu-fips
Within HostnameError
17 Feb
Fix available
Severity - 9.8 (Critical)
GO-2026-4352
Go/github.com/opentofu/opentofu
OpenTofu has High CPU usage in "tofu init" with maliciously-crafted module packages in .zip format in github.com/opentofu/opentofu
02 Feb
Fix available
GHSA-r92c-9c7f-3pj8
Go/github.com/opentofu/opentofu
OpenTofu has High CPU usage in "tofu init" with maliciously-crafted module packages in .zip format
21 Jan
Fix available
Severity - 3.1 (Low)
Vulnerability Database - OSV