Lucene search
+L

34 matches found

SUSE CVE
SUSE CVE
added 2026/05/27 3:51 a.m.6 views

SUSE CVE-2024-8185

Vault Community and Vault Enterprise “Vault” clusters using Vault's Integrated Storage backend are vulnerable to a denial-of-service DoS attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vaul...

7.5CVSS7.1AI score0.00479EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-1503

Malware in sbrugna...

4.4CVSS4.6AI score0.00271EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-31839

Malicious code in bioql PyPI...

6.8CVSS5.1AI score0.01407EPSS
Exploits0References3
Redos
Redos
added 2024/11/13 12:0 a.m.16 views

ROS-20241112-08

A vulnerability in the Raft Consensus Algorithm of the Raft data distribution algorithm of the Integrated storage Raft storage of HashiCorp Vault and Vault Enterprise platforms for archiving corporate information is associated with unlimited resource consumption as a result of nodes incorrectly...

7.5CVSS6.7AI score0.00479EPSS
Exploits0
NVD
NVD
added 2024/10/31 4:15 p.m.32 views

CVE-2024-8185

Vault Community and Vault Enterprise “Vault” clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service DoS attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vaul...

7.5CVSS0.00479EPSS
Exploits0References1
OSV
OSV
added 2024/10/31 3:14 p.m.5 views

CVE-2024-8185 Vault Vulnerable to Denial of Service When Processing Raft Join Requests

Vault Community and Vault Enterprise “Vault” clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service DoS attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vaul...

7.5CVSS7.1AI score0.00479EPSS
Exploits0References4
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2024/10/31 12:38 p.m.8 views

Vault Vulnerable to Denial of Service Through Memory Exhaustion When Processing Raft Cluster Join Requests

Summary Vault Community and Vault Enterprise “Vault” clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service DoS attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may...

7.5CVSS7AI score0.00479EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/03/06 11:10 a.m.19 views

BIT-VAULT-2021-38553

HashiCorp Vault and Vault Enterprise 1.4.0 through 1.7.3 initialized an underlying database file associated with the Integrated Storage feature with excessively broad filesystem permissions. Fixed in Vault and Vault Enterprise 1.8.0...

4.4CVSS4.9AI score0.00271EPSS
Exploits0References3
OSV
OSV
added 2024/03/06 11:10 a.m.21 views

BIT-VAULT-2021-45042

In HashiCorp Vault and Vault Enterprise before 1.7.7, 1.8.x before 1.8.6, and 1.9.x before 1.9.1, clusters using the Integrated Storage backend allowed an authenticated user with write permissions to a kv secrets engine to cause a panic and denial of service of the storage backend. The earliest...

6.8CVSS5.2AI score0.01407EPSS
Exploits0References4
NVD
NVD
added 2022/07/26 11:15 p.m.24 views

CVE-2022-36129

HashiCorp Vault Enterprise 1.7.0 through 1.9.7, 1.10.4, and 1.11.0 clusters using Integrated Storage expose an unauthenticated API endpoint that could be abused to override the voter status of a node within a Vault HA cluster, introducing potential for future data loss or catastrophic failure...

9.1CVSS0.01333EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/26 11:15 p.m.5 views

CVE-2022-36129

HashiCorp Vault Enterprise 1.7.0 through 1.9.7, 1.10.4, and 1.11.0 clusters using Integrated Storage expose an unauthenticated API endpoint that could be abused to override the voter status of a node within a Vault HA cluster, introducing potential for future data loss or catastrophic failure...

9.1CVSS5.8AI score0.01333EPSS
Exploits0References4
Prion
Prion
added 2022/07/26 11:15 p.m.25 views

Denial of service

HashiCorp Vault Enterprise 1.7.0 through 1.9.7, 1.10.4, and 1.11.0 clusters using Integrated Storage expose an unauthenticated API endpoint that could be abused to override the voter status of a node within a Vault HA cluster, introducing potential for future data loss or catastrophic failure...

6.4CVSS9.1AI score0.01333EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/07/26 10:21 p.m.30 views

CVE-2022-36129

HashiCorp Vault Enterprise 1.7.0 through 1.9.7, 1.10.4, and 1.11.0 clusters using Integrated Storage expose an unauthenticated API endpoint that could be abused to override the voter status of a node within a Vault HA cluster, introducing potential for future data loss or catastrophic failure...

9.5AI score0.01333EPSS
Exploits0References3
CVE
CVE
added 2022/07/26 10:21 p.m.97 views

CVE-2022-36129

HashiCorp Vault Enterprise clusters using Integrated Storage (versions 1.7.0–1.9.7, 1.10.4, 1.11.0) expose an unauthenticated API endpoint that can be abused to override the voter status of a node in a Vault HA cluster, potentially enabling data loss or catastrophic failure. The issue is caused b...

9.1CVSS9.2AI score0.01333EPSS
Exploits0References3Affected Software1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2022/07/26 12:39 a.m.6 views

Vault Enterprise Does Not Verify Existing Voter Status When Joining An Integrated Storage HA Node

Summary Vault Enterprise “Vault” clusters using Integrated Storage expose an unauthenticated API endpoint that could be abused to override the voter status of a node within a Vault HA cluster, introducing potential for future data loss or catastrophic failure. This vulnerability, CVE-2022-36129,...

9.1CVSS7AI score0.01333EPSS
Exploits0Affected Software1
NVD
NVD
added 2021/12/17 2:15 p.m.33 views

CVE-2021-45042

In HashiCorp Vault and Vault Enterprise before 1.7.7, 1.8.x before 1.8.6, and 1.9.x before 1.9.1, clusters using the Integrated Storage backend allowed an authenticated user with write permissions to a kv secrets engine to cause a panic and denial of service of the storage backend. The earliest...

6.8CVSS0.01407EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2021/12/17 2:15 p.m.2 views

CVE-2021-45042

In HashiCorp Vault and Vault Enterprise before 1.7.7, 1.8.x before 1.8.6, and 1.9.x before 1.9.1, clusters using the Integrated Storage backend allowed an authenticated user with write permissions to a kv secrets engine to cause a panic and denial of service of the storage backend. The earliest...

6.8CVSS5.8AI score0.01407EPSS
Exploits0References4
OSV
OSV
added 2021/12/17 2:15 p.m.29 views

CVE-2021-45042

In HashiCorp Vault and Vault Enterprise before 1.7.7, 1.8.x before 1.8.6, and 1.9.x before 1.9.1, clusters using the Integrated Storage backend allowed an authenticated user with write permissions to a kv secrets engine to cause a panic and denial of service of the storage backend. The earliest...

4.9CVSS6.5AI score
Exploits0References3
Prion
Prion
added 2021/12/17 2:15 p.m.26 views

Denial of service

In HashiCorp Vault and Vault Enterprise before 1.7.7, 1.8.x before 1.8.6, and 1.9.x before 1.9.1, clusters using the Integrated Storage backend allowed an authenticated user with write permissions to a kv secrets engine to cause a panic and denial of service of the storage backend. The earliest...

6.8CVSS5.3AI score0.01407EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/12/17 1:38 p.m.37 views

CVE-2021-45042

In HashiCorp Vault and Vault Enterprise before 1.7.7, 1.8.x before 1.8.6, and 1.9.x before 1.9.1, clusters using the Integrated Storage backend allowed an authenticated user with write permissions to a kv secrets engine to cause a panic and denial of service of the storage backend. The earliest...

5.6AI score0.01407EPSS
Exploits0References3
Rows per page
Query Builder