Vulnerabilidades en HashiCorp
93 resultadosCVE-2024-12289MEDIUMBoundary Controller Incorrectly Handles HTTP Requests On Initialization Which May Lead to a Denial of ServiceEPSS 0.4%CVE-2023-4680MEDIUMVault's Transit Secrets Engine Allowed Nonce Specified without Convergent EncryptionEPSS 0.4%CVE-2023-3072MEDIUMNomad ACL Policies without Label are Applied to Unexpected ResourcesEPSS 0.4%CVE-2024-6104MEDIUMgo-retryablehttp can leak basic auth credentials to log filesEPSS 0.4%CVE-2025-3879MEDIUMVault’s Azure Authentication Method bound_location Restriction Could be Bypassed on LoginEPSS 0.4%CVE-2024-5798LOWVault Incorrectly Validated JSON Web Tokens (JWT) Audience ClaimsEPSS 0.3%CVE-2025-6014MEDIUMVault TOTP Secrets Engine Code ReuseEPSS 0.3%CVE-2025-4166MEDIUMVault May Include Sensitive Data in Error Logs When Using the KV v2 PluginEPSS 0.3%CVE-2024-7625MEDIUMNomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive UnpackingEPSS 0.3%CVE-2023-0665MEDIUMVault PKI Issuer Endpoint Did Not Correctly Authorize Access to Issuer MetadataEPSS 0.3%CVE-2026-5052MEDIUMVault Vulnerable to Server-Side Request Forgery in ACME Challenge Validation via Attacker-Controlled DNSEPSS 0.3%CVE-2025-1293HIGHHashiCorp Hermes Improperly Validates AWS ALB JWTs, which May Lead to Authentication BypassEPSS 0.3%CVE-2026-4525HIGHVault Token Leaked to Backends via Authorization: Bearer Passthrough HeaderEPSS 0.3%CVE-2025-6011LOWTiming Side-Channel in Vault’s Userpass Auth MethodEPSS 0.3%CVE-2024-2660MEDIUMVault TLS Cert Auth Method Did Not Correctly Validate OCSP ResponsesEPSS 0.3%CVE-2026-3605HIGHVault KVv2 Metadata and Secret Deletion Policy Bypass Denial-of-ServiceEPSS 0.3%CVE-2024-1052HIGHBoundary Vulnerable to Session Hijacking Through TLS Certificate TamperingEPSS 0.3%CVE-2025-6015MEDIUMVault Login MFA Bypass of Rate Limiting and TOTP Code ReuseEPSS 0.3%CVE-2024-7594HIGHVault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By DefaultEPSS 0.3%CVE-2023-4782MEDIUMTerraform Allows Arbitrary File Write During Init OperationEPSS 0.3%