CLEANSTART-2026-OM95908

See a problem?
Import Source
https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-OM95908.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLEANSTART-2026-OM95908
Upstream
  • CVE-2026-25679
  • CVE-2026-27139
  • CVE-2026-27142
  • ghsa-2464-8j7c-4cjm
  • ghsa-2x5j-vhc8-9cwm
  • ghsa-6v2p-p543-phr9
  • ghsa-c6gw-w398-hv78
  • ghsa-fv92-fjc5-jj9h
  • ghsa-hcg3-q754-cr77
  • ghsa-jc7w-c686-c4v9
  • ghsa-mh63-6h87-95cp
  • ghsa-p77j-4mvh-x3m3
  • ghsa-qxp5-gwg8-xv66
  • ghsa-r92c-9c7f-3pj8
  • ghsa-vvgc-356p-c3xw
  • ghsa-wjrx-6529-hcj3
Published
2026-04-01T09:38:28.220463Z
Modified
2026-04-01T18:30:31.956629Z
Summary
Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-qxp5-gwg8-xv66, ghsa-r92c-9c7f-3pj8, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.10.7-r1, 1.11.4-r0, 1.11.5-r0, 1.11.5-r1, 1.11.5-r2, 1.9.4-r0
Details

Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details.

References

Affected packages

CleanStart / opentofu-fips

Package

Name
opentofu-fips

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.9.4-r0

Database specific

source 
"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-OM95908.json"