Hashicorp Latest Vulnerabilities
Latest vulnerabilities published by hashicorp
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Denial of Service Vulnerability in HashiCorp Vault Community and Enterprise Products
CVE-2025-4656HashicorpVault3.1LOWACL Policy Lookup Issue in Nomad Community and Nomad Enterprise
CVE-2025-4922HashicorpNomad8.1HIGHBypassing Sentinel Policies in Nomad Enterprise by HashiCorp
CVE-2025-3744HashicorpNomad Enterprise7.6HIGHAuthentication Method Flaw in Vault by HashiCorp
CVE-2025-3879HashicorpVault6.6MEDIUMSensitive Information Exposure in HashiCorp Vault Key/Value Plugin
CVE-2025-4166HashicorpVault4.5MEDIUMToken Exposure Vulnerability in Nomad Community and Enterprise by HashiCorp
CVE-2025-1296HashicorpNomad6.5MEDIUMAuthentication Bypass in Hermes by HashiCorp Affecting AWS ALB Integration
CVE-2025-1293HashicorpTooling8.2HIGHEvent Stream Namespace ACL Policy Bypass in Nomad by HashiCorp
CVE-2025-0937HashicorpNomad7.1HIGHZip-Slip Vulnerability in HashiCorp's go-slug Library
CVE-2025-0377HashicorpShared Library7.5HIGHPrivilege Escalation Vulnerability in HashiCorp Nomad Allocations
CVE-2024-12678HashicorpNomad6.5MEDIUMBoundary Vulnerability May Cause Premature Server Termination
CVE-2024-12289HashicorpBoundary5.9MEDIUMArbitrary Cross-Namespace Volume Creation Vulnerability
CVE-2024-10975HashicorpNomad7.7HIGHDenial of Service Vulnerability in Vault by HashiCorp
CVE-2024-8185HashiCorpVaultreflective XSS vulnerability found in Consul and Consul Enterprise
CVE-2024-10086HashicorpConsul6.1MEDIUMBypassing HTTP Header Based Access Rules via L7 Traffic Intentions
CVE-2024-10006HashicorpConsul5.8MEDIUMBypassing HTTP Request Path-Based Access Rules Through URL Paths in L7 Traffic
CVE-2024-10005HashicorpConsul5.8MEDIUMVagrant Vulnerability Allows Unauthorized File System Writes
CVE-2024-10228HashicorpVagrant3.3LOWRoot Privileges Escalation Vulnerability in Vault
CVE-2024-9180HashicorpVault7.2HIGHVault SSH secrets engine vulnerability: unauthorized access via SSH certificates
CVE-2024-7594HashicorpVault7.5HIGHVault Leaks AppRole Client Tokens And Accessor in Audit Log
CVE-2024-8365HashicorpVault6.5MEDIUMNomad Archives Vulnerability: Write Access Outside Allocation Directory
CVE-2024-7625HashicorpNomad5.8MEDIUMNomad Platform Vulnerable to Path Escape During Migration
CVE-2024-6717HashicorpNomad7.7HIGHMalicious Git Configuration Execution via go-getter Library
CVE-2024-6257HashicorpShared Library8.4HIGHSensitive HTTP Basic Auth Credentials at Risk in go-retryablehttp Prior to 0.7.7
CVE-2024-6104HashicorpShared Library5.5MEDIUMVault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims
CVE-2024-5798HashicorpVault2.6LOW