Lucene search
K

4 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 7:43 p.m.9 views

Security Bulletin: Vault Vulnerable to Denial of Service Due to Rate Limit Regression

Summary Vault and Vault Enterprise “Vault” are vulnerable to an unauthenticated denial of service when processing JSON payloads. This occurs due to a regression from a previous fix for HCSEC-2025-24 which allowed for processing JSON payloads before applying rate limits. This vulnerability,...

7.5CVSS6.7AI score0.00517EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/10/28 11:51 a.m.5 views

BIT-VAULT-2025-12044 Vault Vulnerable to Denial of Service Due to Rate Limit Regression

Vault and Vault Enterprise “Vault” are vulnerable to an unauthenticated denial of service when processing JSON payloads. This occurs due to a regression from a previous fix for +HCSEC-2025-24+|https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393...

7.5CVSS6.5AI score0.00517EPSS
Exploits0References2
CVE
CVE
added 2025/10/23 7:15 p.m.69 views

CVE-2025-12044

CVE-2025-12044: Vault and Vault Enterprise are vulnerable to unauthenticated DoS when processing JSON due to a rate-limit regression from HCSEC-2025-24. Affected: Vault Community 1.20.3–1.20.4; Vault Enterprise 1.16.25–1.16.26, 1.19.9–1.19.10, 1.18.14–1.18.15. Fixed in Vault Community 1.21.0 and ...

7.5CVSS6.4AI score0.00517EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/23 7:15 p.m.4 views

CVE-2025-12044 Vault Vulnerable to Denial of Service Due to Rate Limit Regression

Vault and Vault Enterprise “Vault” are vulnerable to an unauthenticated denial of service when processing JSON payloads. This occurs due to a regression from a previous fix for +HCSEC-2025-24+|https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393...

7.5CVSS6.4AI score0.00517EPSS
Exploits0References1
Rows per page
Query Builder