CNNVD-202510-2798 Information

CNNVD ID

CNNVD-202510-2798

Related CVE

CVE-2025-62705

• CNNVD Published: 2025-10-22

Description (Chinese)

OpenBao是OpenBao开源的一个敏感数据管理软件。 OpenBao 2.4.2之前版本存在日志信息泄露漏洞，该漏洞源于审计日志未正确编辑字节数组响应参数，可能导致敏感数据泄露。

Description (English)

OpenBao is a sensitive data management software for OpenBao open source. There was a leak in log information in the previous version of OpenBao 2.4.2, which resulted from the audit log’s incorrect editing of byte array response parameters, which could lead to the disclosure of sensitive data.

Hazard Level

High

Vulnerability Type

日志信息泄露

Affected Vendor

OpenBao

Published

2025-10-22

Last Modified

2026-02-24

References

https://github.com/openbao/openbao/commit/cc2c476bac66e1d94776c2629793daec3af625f8 https://github.com/openbao/openbao/security/advisories/GHSA-rc54-2g2c-g36g

Patch

https://github.com/openbao/openbao/releases