Filter
Versions
latest-version-hashicorp-vault-1.18 1.18End of life
First published (updated )
EOL-hashicorp-vault-1.18 1.18End of life
First published (updated )
HashiCorp VaultVault Operators in Root Namespace May Elevate Their Privileges
7.2
EPSS
0.05%
First published (updated )
HashiCorp VaultVault Leaks AppRole Client Tokens And Accessor in Audit Log
6.5
EPSS
0.09%
First published (updated )
EOL-hashicorp-vault-1.17 1.17Reached end of life
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
latest-version-hashicorp-vault-1.17 1.17Reached end of life
First published (updated )
latest-version-hashicorp-vault-1.16 1.16Reached end of life
First published (updated )
EOL-hashicorp-vault-1.16 1.16Reached end of life
First published (updated )
HashiCorp VaultVault May Expose Sensitive Information When Configuring An Audit Log Device
6.5
First published (updated )
go/github.com/hashicorp/vaultVault May be Vulnerable to a Denial of Service Through Memory Exhaustion When Handling Large HTTP Requests
7.5
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
HashiCorp VaultVault Requests Triggering Policy Checks May Lead To Unbounded Memory Consumption
7.5
EPSS
0.05%
First published (updated )
HashiCorp VaultVault's Google Cloud Secrets Engine Removed Existing IAM Conditions When Creating / Updating Rolesets
7.6
First published (updated )
HashiCorp VaultVault Enterprise's Sentinel RGP Policies Allowed For Cross-Namespace Denial of Service
4.9
First published (updated )
EOL-hashicorp-vault-1.15 1.15Reached end of life
First published (updated )
latest-version-hashicorp-vault-1.15 1.15Reached end of life
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
HashiCorp VaultVault's Transit Secrets Engine Allowed Nonce Specified without Convergent Encryption
6.8
First published (updated )
HashiCorp VaultVault's LDAP Auth Method Allows for User Enumeration
5.3
First published (updated )
HashiCorp VaultVault Enterprise Namespace Creation May Lead to Denial of Service
4.9
First published (updated )
EOL-hashicorp-vault-1.14 1.14Reached end of life
First published (updated )
latest-version-hashicorp-vault-1.14 1.14Reached end of life
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
HashiCorp VaultVault’s KV Diff Viewer Allowed for HTML Injection
5.4
First published (updated )
HashiCorp VaultVault Enterprise Vulnerable to Padding Oracle Attacks When Using a CBC-based Encryption Mechanism with a HSM
2.5
First published (updated )
HashiCorp VaultVault PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer Metadata
6.5
First published (updated )
HashiCorp VaultVault Vulnerable to Cache-Timing Attacks During Seal and Unseal Operations
First published (updated )
HashiCorp VaultVault Vulnerable to SQL Injection When Configuring the Microsoft SQL Database Storage Backend
6.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
HashiCorp VaultVault Fails to Verify if the AppRole SecretID Belongs to Role During a Destroy Operation
8.1
First published (updated )
latest-version-hashicorp-vault-1.13 1.13Reached end of life
First published (updated )
EOL-hashicorp-vault-1.13 1.13Reached end of life
First published (updated )
HashiCorp VaultHashiCorp Vault and Vault Enterprise’s TLS certificate auth method did not initially load the option…
5.3
First published (updated )
latest-version-hashicorp-vault-1.12 1.12Reached end of life
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.