Vendor

OpenBao

1 brief RSS

OpenBao Cross-Namespace Lease Revocation via Legacy sys/revoke Path

OpenBao versions up to 2.5.3 allow cross-namespace lease revocation by exploiting legacy sys/revoke endpoints, potentially leading to unauthorized credential access and denial of service.

openbao/openbao vulnerability acl-bypass secrets-management

2r 1t 29m ago