Vulnerabilidades em HashiCorp
93 resultadosCVE-2023-3774MEDIUMVault Enterprise Namespace Creation May Lead to Denial of ServiceEPSS 0.6%CVE-2023-1296LOWNomad ACLs Can Not Deny Access to Workload's Own VariablesEPSS 0.5%CVE-2023-1299HIGHNomad Job Submitter Privilege Escalation Using Workload IdentityEPSS 0.5%CVE-2024-12678MEDIUMNomad Allocations Vulnerable To Privilege Escalation Within A Namespace Using Unredacted Workload Identity TokensEPSS 0.5%CVE-2024-9180HIGHVault Operators in Root Namespace May Elevate Their PrivilegesEPSS 0.5%CVE-2025-12044HIGHVault Vulnerable to Denial of Service Due to Rate Limit RegressionEPSS 0.5%CVE-2022-3866MEDIUMNomad Workload Identity Token Can List Non-sensitive Metadata for Paths Under nomad/EPSS 0.5%CVE-2025-8959HIGHHashiCorp go-getter Vulnerable to Arbitrary Read through Symlink AttackEPSS 0.5%CVE-2023-3299LOWNomad Caller ACL Token's Secret ID is Exposed to SentinelEPSS 0.5%CVE-2025-13357HIGHVault Terraform Provider Applied Incorrect Defaults for LDAP Auth MethodEPSS 0.5%CVE-2024-6468HIGHVault Vulnerable to Denial of Service When Setting a Proxy Protocol BehaviorEPSS 0.5%CVE-2025-11621HIGHVault AWS auth method bypass due to AWS client cacheEPSS 0.5%CVE-2024-8185HIGHVault Vulnerable to Denial of Service When Processing Raft Join RequestsEPSS 0.5%CVE-2026-2808MEDIUMConsul vulnerable to arbitrary file reads through the vault kubernetes authentication providerEPSS 0.5%CVE-2024-8365MEDIUMVault Leaks AppRole Client Tokens And Accessor in Audit LogEPSS 0.5%CVE-2024-10006HIGHConsul L7 Intentions Vulnerable To Headers BypassEPSS 0.5%CVE-2025-4922HIGHNomad Vulnerable To Incorrect ACL Policy Lookup Attached To A JobEPSS 0.5%CVE-2023-3300MEDIUMNomad Search API Leaks Information About CSI PluginsEPSS 0.5%CVE-2025-6013MEDIUMVault LDAP MFA Enforcement Bypass When Using Username As AliasEPSS 0.5%CVE-2022-3867LOWNomad Event Stream Subscriber Using a Token with TTL Receives Updates Until Garbage CollectedEPSS 0.5%