Hashicorp Latest Vulnerabilities
Latest vulnerabilities published by hashicorp
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Privilege Escalation Vulnerability in HashiCorp Nomad Allocations
CVE-2024-12678HashicorpNomad6.5MEDIUMBoundary Vulnerability May Cause Premature Server Termination
CVE-2024-12289HashicorpBoundary5.9MEDIUMArbitrary Cross-Namespace Volume Creation Vulnerability
CVE-2024-10975HashicorpNomad7.7HIGHreflective XSS vulnerability found in Consul and Consul Enterprise
CVE-2024-10086HashicorpConsul6.1MEDIUMBypassing HTTP Header Based Access Rules via L7 Traffic Intentions
CVE-2024-10006HashicorpConsul5.8MEDIUMBypassing HTTP Request Path-Based Access Rules Through URL Paths in L7 Traffic
CVE-2024-10005HashicorpConsul5.8MEDIUMVagrant Vulnerability Allows Unauthorized File System Writes
CVE-2024-10228HashicorpVagrant3.3LOWRoot Privileges Escalation Vulnerability in Vault
CVE-2024-9180HashicorpVault7.2HIGHVault SSH secrets engine vulnerability: unauthorized access via SSH certificates
CVE-2024-7594HashicorpVault7.5HIGHVault Leaks AppRole Client Tokens And Accessor in Audit Log
CVE-2024-8365HashicorpVault6.5MEDIUMNomad Archives Vulnerability: Write Access Outside Allocation Directory
CVE-2024-7625HashicorpNomad5.8MEDIUMNomad Platform Vulnerable to Path Escape During Migration
CVE-2024-6717HashicorpNomad7.7HIGHMalicious Git Configuration Execution via go-getter Library
CVE-2024-6257HashicorpShared Library8.4HIGHSensitive HTTP Basic Auth Credentials at Risk in go-retryablehttp Prior to 0.7.7
CVE-2024-6104HashicorpShared Library5.5MEDIUMVault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims
CVE-2024-5798HashicorpVault2.6LOWVault Enterprise Leaks Sensitive HTTP Request Headers in the Audit Log When Deployed With a Performance Standby Node
CVE-2024-2877HashicorpVault Enterprise5.5MEDIUMGit Injection Vulnerability Affects HashiCorp's go-getter Library
CVE-2024-3817HashicorpShared Library9.8CRITICALOCSP Response Validation Fix for Vault and Vault Enterprise TLS Certificates
CVE-2024-2660HashicorpVault6.4MEDIUMCertificate Validation Bypass Vulnerability
CVE-2024-2048HashicorpVaultππ°8.1HIGHNomad Client User Arbitrary File Write Vulnerability
CVE-2024-1329HashicorpNomad7.5HIGHTLS Certificate Tampering Vulnerability in Boundary Enterprise
CVE-2024-1052HashicorpBoundary8HIGHVault May Expose Sensitive Information When Configuring An Audit Log Device
CVE-2024-0831HashicorpVault6.5MEDIUMVault May be Vulnerable to a Denial of Service Through Memory Exhaustion When Handling Large HTTP Requests
CVE-2023-6337HashiCorpVault7.5HIGHVault Requests Triggering Policy Checks May Lead To Unbounded Memory Consumption
CVE-2023-5954HashiCorpVault7.5HIGHVagrantβs Windows Installer Allowed Directory Junction Write
CVE-2023-5834HashicorpVagrant3.8LOW