Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

go

github.com/hashicorp/vault

go

View on github.com · View on proxy.golang.org

Security Advisories for github.com/hashicorp/vault in go

High
about 2 months ago

HashiCorp Vault Community Edition Denial of Service Though Complex JSON Payloads GSA_kwCzR0hTQS04ZjgyLTUzaDgtMnAzNM4ABLiI

go github.com/hashicorp/vault
Moderate
3 months ago

HashiCorp Vault ldap auth method may not have correctly enforced MFA GSA_kwCzR0hTQS03cngyLTc2OXYtaHJ3Zs4ABK1B

go github.com/hashicorp/vault
Moderate
3 months ago

Hashicorp Vault has Login MFA Rate Limit Bypass Vulnerability GSA_kwCzR0hTQS12NnI0LTM1ZjktOXJwd84ABKuQ

go github.com/hashicorp/vault
Moderate
3 months ago

Hashicorp Vault has Incorrect Validation for Non-CA Certificates GSA_kwCzR0hTQS02YzVyLTR3ZmMtM21jeM4ABKuL

go github.com/hashicorp/vault
High
3 months ago

Hashicorp Vault has Privilege Escalation Vulnerability GSA_kwCzR0hTQS02aDRwLW04NmgtaGhnaM4ABKuI

go github.com/hashicorp/vault
Moderate
3 months ago

Hashicorp Vault has Lockout Feature Authentication Bypass GSA_kwCzR0hTQS1xZ2o3LWZtcTItNmNjNM4ABKuK

go github.com/hashicorp/vault
Moderate
3 months ago

Hashicorp Vault's TOTP Secrets Engine Susceptible to Code Reuse GSA_kwCzR0hTQS1xdjNwLWZtdjMtOWh3d84ABKuC

go github.com/hashicorp/vault
Critical
3 months ago

Hashicorp Vault has Code Execution Vulnerability via Plugin Configuration GSA_kwCzR0hTQS1tcjRoLXFmOWotZjY2Nc4ABKuD

go github.com/hashicorp/vault
Low
3 months ago

Hashicorp Vault has an Observable Discrepancy on Existing and Non-Existing Users GSA_kwCzR0hTQS1td2dyLTg0ZnYtM2poOc4ABKuN

go github.com/hashicorp/vault
Low
4 months ago

Vault Community Edition rekey and recovery key operations can cause denial of service GSA_kwCzR0hTQS1maGMyLThxeDgtNnZqN84ABJbX

go github.com/hashicorp/vault
Moderate
6 months ago

Hashicorp Vault Community vulnerable to Incorrect Authorization GSA_kwCzR0hTQS1mOWNoLWg4ajctOGp3Z84ABHci

go github.com/hashicorp/vault
Moderate
6 months ago

Hashicorp Vault Community vulnerable to Generation of Error Message Containing Sensitive Information GSA_kwCzR0hTQS1nY3FmLWY4OWMtNjhods4ABHay

go github.com/hashicorp/vault
High
12 months ago

Hashicorp Vault vulnerable to denial of service through memory exhaustion GSA_kwCzR0hTQS1nMjMzLTJwNHItM3E3ds4ABA2E

go github.com/hashicorp/vault
High
about 1 year ago

Vault Community Edition privilege escalation vulnerability GSA_kwCzR0hTQS1ycjhqLTd3MzQteHA1as4ABALz

go github.com/hashicorp/vault
High
about 1 year ago

Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default GSA_kwCzR0hTQS1qZzc0LW13Z3ctdjZ4M84AA_zy

go github.com/hashicorp/vault
Moderate
about 1 year ago

Vault Leaks Client Token and Token Accessor in Audit Devices GSA_kwCzR0hTQS1qanhmLTI2YzktNzdnbc4AA_Oa

go github.com/hashicorp/vault
High
over 1 year ago

Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions GSA_kwCzR0hTQS0ycW13LXB2ZjctNG13Ns4AA90R

go github.com/hashicorp/vault
Low
over 1 year ago

HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims GSA_kwCzR0hTQS0zMmNqLTV3eDQtZ3E4cM4AA8_N

go github.com/hashicorp/vault
Moderate
over 1 year ago

HashiCorpVault does not correctly validate OCSP responses GSA_kwCzR0hTQS1qMnJwLWdtcXYtZnJods4AA6pX

go github.com/hashicorp/vault
High
over 1 year ago

Incorrect TLS certificate auth method in Vault GSA_kwCzR0hTQS1yM3c3LW1mcG0tYzJ2d84AA5wI

go github.com/hashicorp/vault
Moderate
over 1 year ago

Hashicorp Vault may expose sensitive log information GSA_kwCzR0hTQS12Z2gzLW13eHEtcmNwOM4AA4--

go github.com/hashicorp/vault
High
over 1 year ago

Improper Authentication in HashiCorp Vault GSA_kwCzR0hTQS1ycTk1LXhmNjYtajY4Oc4AA4-1

go github.com/hashicorp/vault
Moderate
over 1 year ago

Enumeration of users in HashiCorp Vault GSA_kwCzR0hTQS1ycGdwLTlobWctajI1eM4AA4-x

go github.com/hashicorp/vault
High
over 1 year ago

HashiCorp Vault Authentication bypass GSA_kwCzR0hTQS00bXA3LTJtMjktZ3F4Zs4AA49E

go github.com/hashicorp/vault
Moderate
over 1 year ago

HashiCorp Vault Improper Privilege Management GSA_kwCzR0hTQS1tOTc5LXc5d2otcWZqOc4AA489

go github.com/hashicorp/vault
Critical
over 1 year ago

HashiCorp Vault Improper Privilege Management GSA_kwCzR0hTQS1qNnZ2LXZ2MjYtcmg3Y84AA488

go github.com/hashicorp/vault
High
almost 2 years ago

Memory exhaustion in HashiCorp Vault GSA_kwCzR0hTQS02cDYyLTZjZzktZjVmNc4AA3ph

go github.com/hashicorp/vault
High
almost 2 years ago

HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability GSA_kwCzR0hTQS00cWhjLXY4cjYtOHZ3bc4AA3B2

go github.com/hashicorp/vault
High
about 2 years ago

Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability GSA_kwCzR0hTQS04NmM2LTNnNjMtNXc2NM4AA2Id

go github.com/hashicorp/vault
Moderate
about 2 years ago

HashiCorp Vault Improper Input Validation vulnerability GSA_kwCzR0hTQS12ODRmLTZyMzktY3BmY84AA14s

go github.com/hashicorp/vault
Moderate
about 2 years ago

HashiCorp Vault and Vault Enterprise vulnerable to user enumeration GSA_kwCzR0hTQS05djN3LXcyamgtNGhmZs4AA0-S

go github.com/hashicorp/vault
High
over 2 years ago

Hashicorp Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation GSA_kwCzR0hTQS13bWc1LWc5NTMtcXFmd84AA0UP

go github.com/hashicorp/vault
Moderate
over 2 years ago

HashiCorp Vault's revocation list not respected GSA_kwCzR0hTQS05bWg4LTlqNjQtNDQzZs4AA0RO

go github.com/hashicorp/vault
Moderate
over 2 years ago

Hashicorp Vault vulnerable to Cross-site Scripting GSA_kwCzR0hTQS1ncTk4LTUzcnEtcXI1aM4AAzw5

go github.com/hashicorp/vault
Moderate
over 2 years ago

HashiCorp Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File GSA_kwCzR0hTQS12M2hwLW1jajUtcGczOc4AAydQ

go github.com/hashicorp/vault
Moderate
over 2 years ago

HashiCorp Vault's PKI mount vulnerable to denial of service GSA_kwCzR0hTQS1od2MzLTNxaDYtcjRnZ84AAydO

go github.com/hashicorp/vault
Moderate
over 2 years ago

HashiCorp Vault's implementation of Shamir's secret sharing vulnerable to cache-timing attacks GSA_kwCzR0hTQS12cTRoLTlnaG0tcW1ycs4AAydP

go github.com/hashicorp/vault
Critical
about 3 years ago

HashiCorp Vault vulnerable to incorrect metadata access GSA_kwCzR0hTQS03Y2d2LXY4M3YtcnI4N84AAvAP

go github.com/hashicorp/vault
Critical
over 3 years ago

Token leases could outlive their TTL in HashiCorp Vault GSA_kwCzR0hTQS01N2dnLWNqNTUtcTVnMs4AArAN

go github.com/hashicorp/vault
Moderate
over 3 years ago

HashiCorp Vault improper configuration of multi factor authentication GSA_kwCzR0hTQS1jNXdjLXYyODctODJwY84AAgYl

go github.com/hashicorp/vault
Critical
almost 4 years ago

HashiCorp Vault Incorrect Permission Assignment for Critical Resource GSA_kwCzR0hTQS1wZm13LXZqNzQtcGg4Z80YjQ

go github.com/hashicorp/vault
High
about 4 years ago

Incorrect Privilege Assignment in HashiCorp Vault GSA_kwCzR0hTQS0zNjJ2LXdnNXAtNjR3Ms0Wgw

go github.com/hashicorp/vault
Low
about 4 years ago

Hashicorp Vault Privilege Escalation Vulnerability GSA_kwCzR0hTQS1xdjk1LWczZ20teDU0Ms0Wfg

go github.com/hashicorp/vault
Critical
about 4 years ago

HashiCorp Vault underlying database had excessively broad filesystem permissions from v1.4.0 until v1.8.0 MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIzZnEtcTdoYy05OTNy

go github.com/hashicorp/vault
Moderate
about 4 years ago

Improper Removal of Sensitive Information Before Storage or Transfer in HashiCorp Vault MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYyMzktMjhjMi05bXJt

go github.com/hashicorp/vault
High
about 4 years ago

Authentication Bypass by Spoofing and Insufficient Verification of Data Authenticity in Hashicorp Vault MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZwNTItcXczMy1tZm13

go github.com/hashicorp/vault
High
about 4 years ago

Improper Resource Shutdown or Release in HashiCorp Vault MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2aDUtcjRxdy12M3Z2

go github.com/hashicorp/vault
High
over 4 years ago

Invalid session token expiration MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM4ajktN3BwOS0yaGp3

go github.com/hashicorp/vault
High
over 4 years ago

Information Disclosure in HashiCorp Vault MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI1eGotODlnNS1mbTZo

go github.com/hashicorp/vault

Filter by Severity

Moderate 21 High 18 Critical 6 Low 4