15 matches found
EUVD-2025-13240
Malicious code in bioql PyPI...
openbao-2.2.2-1.1 on GA media (moderate)
openbao-2.2.2-1.1 on GA media Announcement ID: openSUSE-SU-2025:15186-1 Rating: moderate Cross-References: CVE-2025-4166 CVSS scores: CVE-2025-4166 SUSE : 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be...
SUSE CVE-2025-4166
Vault Community and Vault Enterprise Key/Value kv Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is...
BIT-VAULT-2025-4166 Vault May Include Sensitive Data in Error Logs When Using the KV v2 Plugin
Vault Community and Vault Enterprise Key/Value kv Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is...
CVE-2025-4166
Vault Community and Vault Enterprise Key/Value kv Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is...
CVE-2025-4166 vulnerabilities
Vulnerabilities for packages: splunk-otel-collector...
CVE-2025-4166 vulnerabilities
Vulnerabilities for packages: splunk-otel-collector-fips, splunk-otel-collector...
GHSA-GCQF-F89C-68HV Hashicorp Vault Community vulnerable to Generation of Error Message Containing Sensitive Information
Vault Community and Vault Enterprise Key/Value kv Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is...
Hashicorp Vault Community vulnerable to Generation of Error Message Containing Sensitive Information
Vault Community and Vault Enterprise Key/Value kv Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is...
CVE-2025-4166
Vault Community and Vault Enterprise Key/Value kv Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is...
CVE-2025-4166 Vault May Include Sensitive Data in Error Logs When Using the KV v2 Plugin
Vault Community and Vault Enterprise Key/Value kv Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is...
CVE-2025-4166
CVE-2025-4166 affects Vault Community and Vault Enterprise KV v2 plugin. When handling malformed payloads during secret create/update via the Vault REST API, servers/audit logs may leak sensitive information due to error message content. The issue is fixed in Vault Community 1.19.3 and Vault Ente...
CVE-2025-4166 Vault May Include Sensitive Data in Error Logs When Using the KV v2 Plugin
Vault Community and Vault Enterprise Key/Value kv Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is...
CVE-2025-4166 Vault May Include Sensitive Data in Error Logs When Using the KV v2 Plugin
Vault Community and Vault Enterprise Key/Value kv Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is...
CVE-2025-4166
Vault Community and Vault Enterprise Key/Value kv Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is...