Oxia-db Oxia
4 CVEs affecting Oxia-db Oxia. Latest disclosed: 2026-04-21. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-40946 | | 2026-04-21 | Oxia is a metadata store and coordination system. Prior to 0.16.2, the OIDC authentication provider unconditionally sets SkipClientIDCheck: true in the go-oidc… | |
CVE-2026-40945 | | 2026-04-21 | Oxia is a metadata store and coordination system. Prior to 0.16.2, when OIDC authentication fails, the full bearer token is logged at DEBUG level in plaintext… | |
CVE-2026-40944 | | 2026-04-21 | Oxia is a metadata store and coordination system. Prior to 0.16.2, the trustedCertPool() function in the TLS configuration only parses the first PEM block from… | |
CVE-2026-40943 | | 2026-04-21 | Oxia is a metadata store and coordination system. Prior to 0.16.2, a race condition between session heartbeat processing and session closure can cause the serv… |