3 matches found
Security Bulletin: Incomplete Fix For Previous Vault DoS Issue
Summary A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. This may lead to a timeout in Vault’s auditing subroutine, potentially resulting in the Vault server to becom...
CVE-2025-6203
creationtimestamp| type| source ---|---|--- 2025-08-28 20:03:51+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115108179538985792 2025-09-02 06:30:23+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lxtijqktdl25 2025-09-02 16:09:59+00:00| seen|...
PT-2025-35133
Name of the Vulnerable Software and Affected Versions HashiCorp Vault versions prior to 1.20.3 HashiCorp Vault Enterprise versions 1.19.9, 1.18.14, and 1.16.25 Description A malicious user can submit a specially crafted payload that results in excessive memory and CPU consumption, potentially...