Filtered by vendor Hashicorp
Subscribe
Total
177 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-0937 | 1 Hashicorp | 1 Nomad | 2025-12-15 | N/A | 7.1 HIGH |
| Nomad Community and Nomad Enterprise ("Nomad") event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces. | |||||
| CVE-2025-0377 | 1 Hashicorp | 1 Go-slug | 2025-12-15 | N/A | 7.5 HIGH |
| HashiCorp’s go-slug library is vulnerable to a zip-slip style attack when a non-existing user-provided path is extracted from the tar entry. | |||||
| CVE-2025-6013 | 1 Hashicorp | 1 Vault | 2025-12-15 | N/A | 6.5 MEDIUM |
| Vault and Vault Enterprise’s (“Vault”) ldap auth method may not have correctly enforced MFA if username_as_alias was set to true and a user had multiple CNs that are equal but with leading or trailing spaces. Fixed in Vault Community Edition 1.20.2 and Vault Enterprise 1.20.2, 1.19.8, 1.18.13, and 1.16.24. | |||||
| CVE-2024-12678 | 1 Hashicorp | 1 Nomad | 2025-12-12 | N/A | 6.5 MEDIUM |
| Nomad Community and Nomad Enterprise ("Nomad") allocations are vulnerable to privilege escalation within a namespace through unredacted workload identity tokens. This vulnerability, identified as CVE-2024-12678, is fixed in Nomad Community Edition 1.9.4 and Nomad Enterprise 1.9.4, 1.8.8, and 1.7.16. | |||||
| CVE-2024-3817 | 1 Hashicorp | 1 Go-getter | 2025-12-11 | N/A | 9.8 CRITICAL |
| HashiCorp’s go-getter library is vulnerable to argument injection when executing Git to discover remote branches. This vulnerability does not affect the go-getter/v2 branch and package. | |||||
| CVE-2024-6257 | 1 Hashicorp | 1 Go-getter | 2025-12-11 | N/A | 8.4 HIGH |
| HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution. | |||||
| CVE-2025-8959 | 1 Hashicorp | 1 Go-getter | 2025-12-11 | N/A | 7.5 HIGH |
| HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9. | |||||
| CVE-2025-13432 | 1 Hashicorp | 1 Terraform | 2025-12-10 | N/A | 4.3 MEDIUM |
| Terraform state versions can be created by a user with specific but insufficient permissions in a Terraform Enterprise workspace. This may allow for the alteration of infrastructure if a subsequent plan operation is approved by a user with approval permission or auto-applied. This vulnerability, CVE-2025-13432, is fixed in Terraform Enterprise version 1.1.1 and 1.0.3. | |||||
| CVE-2025-13357 | 1 Hashicorp | 1 Terraform Provider | 2025-12-10 | N/A | 7.4 HIGH |
| Vault’s Terraform Provider incorrectly set the default deny_null_bind parameter for the LDAP auth method to false by default, potentially resulting in an insecure configuration. If the underlying LDAP server allowed anonymous or unauthenticated binds, this could result in authentication bypass. This vulnerability, CVE-2025-13357, is fixed in Vault Terraform Provider v5.5.0. | |||||
| CVE-2024-2048 | 2 Hashicorp, Openbao | 2 Vault, Openbao | 2025-11-13 | N/A | 8.1 HIGH |
| Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate. In this configuration, an attacker may be able to craft a malicious certificate that could be used to bypass authentication. Fixed in Vault 1.15.5 and 1.14.10. | |||||
| CVE-2024-7594 | 2 Hashicorp, Openbao | 2 Vault, Openbao | 2025-11-13 | N/A | 7.5 HIGH |
| Vault’s SSH secrets engine did not require the valid_principals list to contain a value by default. If the valid_principals and default_user fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to authenticate as any user on the host. Fixed in Vault Community Edition 1.17.6, and in Vault Enterprise 1.17.6, 1.16.10, and 1.15.15. | |||||
| CVE-2024-8185 | 2 Hashicorp, Openbao | 2 Vault, Openbao | 2025-11-13 | N/A | 7.5 HIGH |
| Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vault to consume excessive system memory resources, potentially leading to a crash of the underlying system and the Vault process itself. This vulnerability, CVE-2024-8185, is fixed in Vault Community 1.18.1 and Vault Enterprise 1.18.1, 1.17.8, and 1.16.12. | |||||
| CVE-2024-5798 | 1 Hashicorp | 1 Vault | 2025-11-04 | N/A | 2.6 LOW |
| Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an invalid login to succeed when it should have been rejected. This vulnerability, CVE-2024-5798, was fixed in Vault and Vault Enterprise 1.17.0, 1.16.3, and 1.15.9 | |||||
| CVE-2025-6004 | 1 Hashicorp | 1 Vault | 2025-08-13 | N/A | 5.3 MEDIUM |
| Vault and Vault Enterprise’s (“Vault”) user lockout feature could be bypassed for Userpass and LDAP authentication methods. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23. | |||||
| CVE-2025-6011 | 1 Hashicorp | 1 Vault | 2025-08-13 | N/A | 3.7 LOW |
| A timing side channel in Vault and Vault Enterprise’s (“Vault”) userpass auth method allowed an attacker to distinguish between existing and non-existing users, and potentially enumerate valid usernames for Vault’s Userpass auth method. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23. | |||||
| CVE-2025-6014 | 1 Hashicorp | 1 Vault | 2025-08-13 | N/A | 6.5 MEDIUM |
| Vault and Vault Enterprise’s (“Vault”) TOTP Secrets Engine code validation endpoint is susceptible to code reuse within its validity period. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23. | |||||
| CVE-2025-6015 | 1 Hashicorp | 1 Vault | 2025-08-13 | N/A | 5.7 MEDIUM |
| Vault and Vault Enterprise’s (“Vault”) login MFA rate limits could be bypassed and TOTP tokens could be reused. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23. | |||||
| CVE-2025-6037 | 1 Hashicorp | 1 Vault | 2025-08-13 | N/A | 6.8 MEDIUM |
| Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as [+trusted certificate+|https://developer.hashicorp.com/vault/api-docs/auth/cert#certificate]. In this configuration, an attacker may be able to craft a malicious certificate that could be used to impersonate another user. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23. | |||||
| CVE-2025-5999 | 1 Hashicorp | 1 Vault | 2025-08-13 | N/A | 7.2 HIGH |
| A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s token privileges to Vault’s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22. | |||||
| CVE-2025-6000 | 1 Hashicorp | 1 Vault | 2025-08-13 | N/A | 9.1 CRITICAL |
| A privileged Vault operator within the root namespace with write permission to {{sys/audit}} may obtain code execution on the underlying host if a plugin directory is set in Vault’s configuration. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23. | |||||