37 matches found
GHSA-VF84-MXRQ-CRQC OpenBao Root Namespace Operator May Elevate Token Privileges
Impact Accounts with access to the highly-privileged identity entity system in the root namespace may increase their scope directly to the root policy. While the identity system always allowed adding arbitrary policies, which in turn could contain capability grants on arbitrary paths, the root...
SUSE CVE-2025-6000
A privileged Vault operator within the root namespace with write permission to sys/audit may obtain code execution on the underlying host if a plugin directory is set in Vault's configuration. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection on the host by exploiting write permissions in the root namespace, creating audit files in the plugin directory, and using the plugin registration functionality to execute the created files. Notes: - This is onl...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection on the host by exploiting write permissions in the root namespace, creating audit files in the plugin directory, and using the plugin registration functionality to execute the created files. Notes: - This is onl...
Incorrect Privilege Assignment
Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment via the identity endpoint in the root namespace. An attacker can gain unauthorized access to elevated privileges by modifying token permissions to use the root policy. Remediation Upgrade...
Arbitrary Code Injection
Overview github.com/hashicorp/vault/command is a tool for secrets management, encryption as a service, and privileged access management. Affected versions of this package are vulnerable to Arbitrary Code Injection on the host by exploiting write permissions in the root namespace, creating audit...
Arbitrary Code Injection
Overview github.com/hashicorp/vault/vault is a tool for securely accessing secrets. Affected versions of this package are vulnerable to Arbitrary Code Injection on the host by exploiting write permissions in the root namespace, creating audit files in the plugin directory, and using the plugin...
CVE-2025-6000 Arbitrary Remote Code Execution via Plugin Catalog Abuse
A privileged Vault operator within the root namespace with write permission to sys/audit may obtain code execution on the underlying host if a plugin directory is set in Vault’s configuration. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23...
CVE-2025-5999 Vault Root Namespace Operator May Elevate Token Privileges
A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s token privileges to Vault’s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22...
Vault Root Namespace Operator May Elevate Token Privileges
Summary A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s token privileges to Vault’s root policy. This vulnerability, identified as CVE-2025-5999, is fixed in Vault Community Edition 1.20.0 and Vault Enterprise...
OESA-2024-2588 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload...
CVE-2024-9180 Vault Operators in Root Namespace May Elevate Their Privileges
A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s privileges to Vault’s root policy. Fixed in Vault Community Edition 1.18.0 and Vault Enterprise 1.18.0, 1.17.7, 1.16.11, and 1.15.16...
CVE-2024-9180 Vault Operators in Root Namespace May Elevate Their Privileges
A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s privileges to Vault’s root policy. Fixed in Vault Community Edition 1.18.0 and Vault Enterprise 1.18.0, 1.17.7, 1.16.11, and 1.15.16...
Vault Operators in Root Namespace May Elevate Their Privileges
Summary A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s privileges to Vault’s root policy. This vulnerability, identified as CVE-2024-9180, is fixed in Vault Community Edition 1.18.0 and Vault Enterprise 1.18....
HashiCorp Vault Community Edition和Vault Enterprise 安全漏洞
HashiCorp Vault Enterprise and HashiCorp Vault Community Edition are both products of HashiCorp, Inc. of the U.S.A. HashiCorp Vault Enterprise is an enterprise information archiving platform.HashiCorp Vault HashiCorp Vault Enterprise is an enterprise information archiving platform, and HashiCorp...
SUSE CVE-2011-4136
django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote attackers to modify a session by triggering use of a key that is equal to that...
PYSEC-2011-1
django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote attackers to modify a session by triggering use of a key that is equal to that...