Lucene search
+L

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-2824

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00474EPSS
Exploits0References5
OSV
OSV
added 2024/09/04 7:26 a.m.14 views

BIT-VAULT-2024-8365 Vault Leaks AppRole Client Tokens And Accessor in Audit Log

Vault Community Edition and Vault Enterprise experienced a regression where functionality that HMAC’d sensitive headers in the configured audit device, specifically client tokens and token accessors, was removed. This resulted in the plaintext values of client tokens and token accessors being...

6.5CVSS6.1AI score0.00474EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2024/09/02 6:30 a.m.22 views

Vault Leaks Client Token and Token Accessor in Audit Devices

Vault Community Edition and Vault Enterprise experienced a regression where functionality that HMAC’d sensitive headers in the configured audit device, specifically client tokens and token accessors, was removed. This resulted in the plaintext values of client tokens and token accessors being...

6.5CVSS6.5AI score0.00474EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/09/02 6:30 a.m.11 views

GHSA-JJXF-26C9-77GM Vault Leaks Client Token and Token Accessor in Audit Devices

Vault Community Edition and Vault Enterprise experienced a regression where functionality that HMAC’d sensitive headers in the configured audit device, specifically client tokens and token accessors, was removed. This resulted in the plaintext values of client tokens and token accessors being...

6.5CVSS6.1AI score0.00474EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/09/02 6:10 a.m.16 views

CVE-2024-8365

Vault Community Edition and Vault Enterprise experienced a regression where functionality that HMAC’d sensitive headers in the configured audit device, specifically client tokens and token accessors, was removed. This resulted in the plaintext values of client tokens and token accessors being...

6.2CVSS6.6AI score0.00474EPSS
Exploits0References4
NVD
NVD
added 2024/09/02 5:15 a.m.30 views

CVE-2024-8365

Vault Community Edition and Vault Enterprise experienced a regression where functionality that HMAC’d sensitive headers in the configured audit device, specifically client tokens and token accessors, was removed. This resulted in the plaintext values of client tokens and token accessors being...

6.5CVSS0.00474EPSS
Exploits0References1
CVE
CVE
added 2024/09/02 1:30 a.m.355 views

CVE-2024-8365

Vault Community Edition and Vault Enterprise regressed by removing the HMAC protection for sensitive headers in the audit device, causing plaintext client tokens and token accessors to be written to audit logs. The issue is documented as CVE-2024-8365 and has been fixed in Vault Community Edition...

6.5CVSS6.2AI score0.00474EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/09/02 1:30 a.m.33 views

CVE-2024-8365 Vault Leaks AppRole Client Tokens And Accessor in Audit Log

Vault Community Edition and Vault Enterprise experienced a regression where functionality that HMAC’d sensitive headers in the configured audit device, specifically client tokens and token accessors, was removed. This resulted in the plaintext values of client tokens and token accessors being...

6.2CVSS0.00474EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/02 1:30 a.m.12 views

CVE-2024-8365 Vault Leaks AppRole Client Tokens And Accessor in Audit Log

Vault Community Edition and Vault Enterprise experienced a regression where functionality that HMAC’d sensitive headers in the configured audit device, specifically client tokens and token accessors, was removed. This resulted in the plaintext values of client tokens and token accessors being...

6.2CVSS6.6AI score0.00474EPSS
Exploits0References1
OSV
OSV
added 2024/09/02 1:30 a.m.7 views

CVE-2024-8365 Vault Leaks AppRole Client Tokens And Accessor in Audit Log

Vault Community Edition and Vault Enterprise experienced a regression where functionality that HMAC’d sensitive headers in the configured audit device, specifically client tokens and token accessors, was removed. This resulted in the plaintext values of client tokens and token accessors being...

6.2CVSS6.6AI score0.00474EPSS
Exploits0References4
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2024/08/31 12:59 a.m.7 views

Vault Leaks Client Token and Token Accessor in Audit Devices

Summary Vault Community Edition and Vault Enterprise experienced a regression where functionality that HMAC’d sensitive headers in the configured audit device, specifically client tokens and token accessors, was removed. This resulted in the plaintext values of client tokens and token accessors...

6.5CVSS6.6AI score0.00474EPSS
Exploits0Affected Software2
Rows per page
Query Builder