8 matches found
EUVD-2024-1224
Malicious code in bioql PyPI...
CVE-2024-2660
A flaw was found in the OCSP response handling logic of Vault’s TLS certificate authentication method. This issue may result in signatures and responses from multiple servers not being handled properly. A malicious actor with privileged network access may be able to successfully authenticate via...
CVE-2024-2660
Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. This vulnerability, CVE-2024-2660, affects Vault and Vault Enterprise 1.14.0 and above, and is fixed in Vault 1.16.0 and Vault Enterprise 1.16.1, 1.15.7...
CVE-2024-2660 vulnerabilities
Vulnerabilities for packages: k3d...
CVE-2024-2660 Vault TLS Cert Auth Method Did Not Correctly Validate OCSP Responses
Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. This vulnerability, CVE-2024-2660, affects Vault and Vault Enterprise 1.14.0 and above, and is fixed in Vault 1.16.0 and Vault Enterprise 1.16.1, 1.15.7...
CVE-2024-2660
CVE-2024-2660 : HashiCorp Vault and Vault Enterprise TLS cert authentication method did not correctly validate OCSP responses when multiple OCSP sources were configured, per the CVE entry. The issue affects Vault and Vault Enterprise 1.14.0 and newer and is fixed in Vault 1.16.0 and Vault Enterpr...
CVE-2024-2660 Vault TLS Cert Auth Method Did Not Correctly Validate OCSP Responses
Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. This vulnerability, CVE-2024-2660, affects Vault and Vault Enterprise 1.14.0 and above, and is fixed in Vault 1.16.0 and Vault Enterprise 1.16.1, 1.15.7...
Vault TLS Cert Auth Method Did Not Correctly Validate OCSP Responses
Summary Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. This vulnerability, CVE-2024-2660, affects Vault and Vault Enterprise 1.14.0 and above, and is fixed in Vault 1.16.0 and Vault Enterprise 1.16.1...