Opencloud Reva
CVE-2026-23989
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Primary rating from GitHub Advisory.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Lifecycle Timeline
3DescriptionGitHub Advisory
REVA is an interoperability platform. Prior to 2.42.3 and 2.40.3, a bug in the GRPC authorization middleware of the "Reva" component of OpenCloud allows a malicious user to bypass the scope verification of a public link. By exploiting this via the the "archiver" service this can be leveraged to create an archive (zip or tar-file) containing all resources that this creator of the public link has access to. This vulnerability is fixed in 2.42.3 and 2.40.3.
AnalysisAI
Unauthenticated attackers can bypass public link scope verification in OpenCloud Reva versions prior to 2.42.3 and 2.40.3 through a flaw in GRPC authorization middleware. By exploiting the archiver service, an attacker can create archives containing all resources accessible to the public link creator, resulting in unauthorized information disclosure. A patch is available in versions 2.42.3 and 2.40.3.
Technical ContextAI
Classified as CWE-863 (Incorrect Authorization). Affects Opencloud Reva. REVA is an interoperability platform. Prior to 2.42.3 and 2.40.3, a bug in the GRPC authorization middleware of the "Reva" component of OpenCloud allows a malicious user to bypass the scope verification of a public link. By exploiting this via the the "archiver" service this can be leveraged to create an archive (zip or tar-file) containing all resources that this creator of the public link has access to. This vulnerability is fixed in 2.42.3 and 2.40.3.
RemediationAI
A vendor patch is available — apply it immediately. Fixed in version 2.42.3. Restrict network access to the affected service where possible.
Same weakness CWE-863 – Incorrect Authorization
View allSame technique Authentication Bypass
View allVendor StatusVendor
SUSE
Severity: High| Product | Status |
|---|---|
| openSUSE Tumbleweed | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today
GHSA-9j2f-3rj3-wgpg