cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score CVE-2025-0377,https://securityvulnerability.io/vulnerability/CVE-2025-0377,Zip-Slip Vulnerability in HashiCorp's go-slug Library,"HashiCorp's go-slug library is susceptible to a zip-slip attack, allowing an attacker to manipulate file paths during extraction from tar entries. When a user provides a path that doesn't exist, it can be exploited to write to unintended file locations, potentially compromising system integrity. It is essential for users of the go-slug library to address this risk by validating paths and ensuring secure extraction processes.",Hashicorp,Shared Library,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T15:23:53.104Z,0 CVE-2024-12678,https://securityvulnerability.io/vulnerability/CVE-2024-12678,Privilege Escalation Vulnerability in HashiCorp Nomad Allocations,"The vulnerability identified as CVE-2024-12678 affects HashiCorp's Nomad Community and Enterprise editions, enabling privilege escalation within a namespace due to the exposure of unredacted workload identity tokens. This security flaw can potentially allow an attacker to gain elevated permissions, compromising the integrity and security of the affected system. The issue has been addressed in the latest versions released by HashiCorp, ensuring that users can secure their environments and maintain operational safety.",Hashicorp,"Nomad,Nomad Enterprise",6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-20T01:49:40.583Z,0 CVE-2024-12289,https://securityvulnerability.io/vulnerability/CVE-2024-12289,Boundary Vulnerability May Cause Premature Server Termination,"During the initialization of the Boundary controller, Boundary Community Edition and Boundary Enterprise exhibit improper handling of HTTP requests. This flaw can lead to premature termination of the Boundary server, occurring within milliseconds during the startup process. Effective patches have been introduced in versions 0.16.4, 0.17.3, and 0.18.2 to address this issue, mitigating potential denial of service scenarios. Organizations using affected versions are encouraged to upgrade promptly to maintain operational stability and security.",Hashicorp,"Boundary,Boundary Enterprise",5.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-12T22:42:01.595Z,0 CVE-2024-10975,https://securityvulnerability.io/vulnerability/CVE-2024-10975,Arbitrary Cross-Namespace Volume Creation Vulnerability,"The Nomad volume specification is susceptible to a vulnerability that permits arbitrary cross-namespace volume creation. This occurs due to unauthorized writes via the Container Storage Interface (CSI), which does not adequately enforce proper permissions. Attackers can exploit this vulnerability to interfere with or manipulate volumes across different namespaces, potentially leading to data leaks or unauthorized access to sensitive information. The issue has been addressed in the releases of Nomad Community Edition 1.9.2 and Nomad Enterprise versions 1.9.2, 1.8.7, and 1.7.15.",Hashicorp,"Nomad,Nomad Enterprise",7.7,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-07T21:04:43.804Z,0 CVE-2024-8185,https://securityvulnerability.io/vulnerability/CVE-2024-8185,Denial of Service Vulnerability in Vault by HashiCorp,"Vault clusters, both Community and Enterprise editions, that utilize Vault's Integrated Storage backend, face a denial of service (DoS) vulnerability due to memory exhaustion at the Raft cluster join API endpoint. An attacker can exploit this vulnerability by sending a flood of requests, leading to excessive memory consumption that can potentially crash the underlying system and disrupt Vault process functionality. It is crucial for users to upgrade to Vault Community 1.18.1 or Vault Enterprise versions 1.18.1, 1.17.8, or 1.16.12 to safeguard against this threat.",HashiCorp,Vault,,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-31T16:15:00.000Z,0 CVE-2024-10086,https://securityvulnerability.io/vulnerability/CVE-2024-10086," reflective XSS vulnerability found in Consul and Consul Enterprise","A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.",Hashicorp,"Consul,Consul Enterprise",6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-30T21:21:46.559Z,0 CVE-2024-10006,https://securityvulnerability.io/vulnerability/CVE-2024-10006,Bypassing HTTP Header Based Access Rules via L7 Traffic Intentions,"A security issue has been detected in Consul and Consul Enterprise that allows L7 traffic intentions to bypass access controls established through HTTP headers. This vulnerability could enable unauthorized access, disrupting the expected security posture of applications relying on these header-based rules. It's crucial for users to review and mitigate potential risks associated with this issue.",Hashicorp,"Consul,Consul Enterprise",5.8,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-30T21:20:37.011Z,0 CVE-2024-10005,https://securityvulnerability.io/vulnerability/CVE-2024-10005,Bypassing HTTP Request Path-Based Access Rules Through URL Paths in L7 Traffic,A vulnerability in Consul and Consul Enterprise allows attackers to bypass HTTP request path-based access controls through the manipulation of URL paths in Layer 7 (L7) traffic intentions. This could lead to unauthorized access to sensitive resources and pose a significant risk to network security. Users are advised to review their access control configurations and apply necessary updates to mitigate potential exploits related to this issue.,Hashicorp,"Consul,Consul Enterprise",5.8,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-10-30T21:19:22.576Z,0 CVE-2024-10228,https://securityvulnerability.io/vulnerability/CVE-2024-10228,Vagrant Vulnerability Allows Unauthorized File System Writes,"The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path that could be modified by an unprivileged user, introducing potential for unauthorized file system writes. This vulnerability, CVE-2024-10228, was fixed in Vagrant VMWare Utility 1.0.23",Hashicorp,Vagrant,3.3,LOW,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-29T22:15:00.000Z,0 CVE-2024-9180,https://securityvulnerability.io/vulnerability/CVE-2024-9180," Root Privileges Escalation Vulnerability in Vault","A privilege escalation vulnerability exists within HashiCorp Vault, where a Vault operator possessing write permissions to the root namespace's identity endpoint could potentially escalate their own privileges or those of another user to access Vault's root policy. This could lead to unauthorized access and control over sensitive data managed within Vault. The issue has been addressed in Vault Community Edition version 1.18.0 and Vault Enterprise versions 1.18.0, 1.17.7, 1.16.11, and 1.15.16, suggesting that users should promptly upgrade to these versions to mitigate risks.",Hashicorp,"Vault,Vault Enterprise",7.2,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-10-10T21:15:00.000Z,0 CVE-2024-7594,https://securityvulnerability.io/vulnerability/CVE-2024-7594,Vault SSH secrets engine vulnerability: unauthorized access via SSH certificates,"HashiCorp Vault's SSH secrets engine suffers from a configuration issue where the valid_principals list is not enforced by default. This allows an SSH certificate, requested by an authorized user, to potentially authenticate as any user on the host if the valid_principals and default_user fields are not set appropriately. The implications of this vulnerability can lead to significant security breaches if not addressed, making it crucial for organizations using Vault to ensure correct configuration of their SSH secrets engine.",Hashicorp,"Vault,Vault Enterprise",7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-26T19:52:55.652Z,0 CVE-2024-8365,https://securityvulnerability.io/vulnerability/CVE-2024-8365,Vault Leaks AppRole Client Tokens And Accessor in Audit Log,"Vault Community Edition and Vault Enterprise experienced a regression where functionality that HMAC’d sensitive headers in the configured audit device, specifically client tokens and token accessors, was removed. This resulted in the plaintext values of client tokens and token accessors being stored in the audit log. This vulnerability, CVE-2024-8365, was fixed in Vault Community Edition and Vault Enterprise 1.17.5 and Vault Enterprise 1.16.9.",Hashicorp,"Vault,Vault Enterprise",6.5,MEDIUM,0.0008699999889358878,false,,false,false,false,,,false,false,,2024-09-02T05:15:00.000Z,0 CVE-2024-7625,https://securityvulnerability.io/vulnerability/CVE-2024-7625,Nomad Archives Vulnerability: Write Access Outside Allocation Directory,"In HashiCorp Nomad and Nomad Enterprise versions from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, an issue exists within the archive unpacking process that permits unauthorized writes to locations outside of allocated directories during the migration of those directories. This occurs when multiple archive headers point to the same target file, potentially leading to significant security risks. Access to the Nomad client agent at the source allocation is required to exploit this vulnerability, which emphasizes the need for secure handling of client agent access.",Hashicorp,"Nomad,Nomad Enterprise",5.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-15T00:15:00.000Z,0 CVE-2024-6717,https://securityvulnerability.io/vulnerability/CVE-2024-6717,Nomad Platform Vulnerable to Path Escape During Migration,"A vulnerability exists in HashiCorp Nomad and Nomad Enterprise due to improper handling of archive unpacking during migration processes. Specifically, versions 1.6.12 through 1.7.9 and 1.8.1 are susceptible to path escaping issues that may allow an attacker to manipulate the allocation directory. This flaw underscores the importance of upgrading to patched versions 1.6.13, 1.7.10, or 1.8.2 to prevent potential security risks. Organizations using affected versions should prioritize remediation to maintain the integrity of their deployment environments.",Hashicorp,"Nomad,Nomad Enterprise",7.7,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-23T01:15:00.000Z,0 CVE-2024-6257,https://securityvulnerability.io/vulnerability/CVE-2024-6257,Malicious Git Configuration Execution via go-getter Library,"The Go-Getter library from HashiCorp is susceptible to a vulnerability that allows an attacker to manipulate the Git configuration, potentially leading to arbitrary code execution. By coercing the library into executing a Git update on a maliciously modified configuration, attackers can exploit this weakness to execute unwanted code within the user's environment. This issue underscores the importance of secure coding practices and vigilant configuration management to protect against such vulnerabilities.",Hashicorp,Shared Library,8.4,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-25T16:31:03.882Z,0 CVE-2024-6104,https://securityvulnerability.io/vulnerability/CVE-2024-6104,Sensitive HTTP Basic Auth Credentials at Risk in go-retryablehttp Prior to 0.7.7,"go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.",Hashicorp,Shared Library,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-24T17:06:21.150Z,0 CVE-2024-5798,https://securityvulnerability.io/vulnerability/CVE-2024-5798,Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims,"Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an invalid login to succeed when it should have been rejected. This vulnerability, CVE-2024-5798, was fixed in Vault and Vault Enterprise 1.17.0, 1.16.3, and 1.15.9",Hashicorp,"Vault,Vault Enterprise",2.6,LOW,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-12T19:15:00.000Z,0 CVE-2024-2877,https://securityvulnerability.io/vulnerability/CVE-2024-2877,Vault Enterprise Leaks Sensitive HTTP Request Headers in the Audit Log When Deployed With a Performance Standby Node,"Vault Enterprise, when configured with performance standby nodes and a configured audit device, will inadvertently log request headers on the standby node. These logs may have included sensitive HTTP request information in cleartext. This vulnerability, CVE-2024-2877, was fixed in Vault Enterprise 1.15.8.",Hashicorp,Vault Enterprise,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-30T15:15:00.000Z,0 CVE-2024-3817,https://securityvulnerability.io/vulnerability/CVE-2024-3817,Git Injection Vulnerability Affects HashiCorp's go-getter Library,"HashiCorp's Go-Getter library contains a vulnerability that allows for argument injection during the process of executing Git commands to fetch remote branches. This security flaw exposes the system to potential exploitation by manipulating inputs, particularly in scenarios involving remote repository interactions. Importantly, this vulnerability does not affect versions located in the go-getter/v2 branch and package, making those iterations safer for users.",Hashicorp,Shared Library,9.8,CRITICAL,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-17T19:37:25.878Z,0 CVE-2024-2660,https://securityvulnerability.io/vulnerability/CVE-2024-2660,OCSP Response Validation Fix for Vault and Vault Enterprise TLS Certificates,"Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. Fixed in Vault 1.16.0 and Vault Enterprise 1.16.1, 1.15.7, and 1.14.11.",Hashicorp,"Vault,Vault Enterprise",6.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-04T18:15:00.000Z,0 CVE-2024-2048,https://securityvulnerability.io/vulnerability/CVE-2024-2048,Certificate Validation Bypass Vulnerability,"A TLS certificate authentication issue in HashiCorp Vault and Vault Enterprise has been identified, whereby the product does not adequately validate client certificates when a non-CA certificate is configured as trusted. This vulnerability permits an attacker to potentially create a malicious certificate capable of circumventing standard authentication mechanisms. It is crucial for users to apply the patched versions, Vault 1.15.5 and 1.14.10, to mitigate the risks associated with this vulnerability and ensure secure operations.",Hashicorp,"Vault,Vault Enterprise",8.1,HIGH,0.0004299999854993075,false,,true,false,false,,,true,false,,2024-03-04T19:56:47.253Z,3417 CVE-2024-1329,https://securityvulnerability.io/vulnerability/CVE-2024-1329,Nomad Client User Arbitrary File Write Vulnerability,"The vulnerability in HashiCorp Nomad and Nomad Enterprise versions 1.5.13 through 1.6.6 and 1.7.3 allows for arbitrary file write capabilities on the host system. This occurs due to insufficient validation of symlink paths by the template renderer. Attackers can exploit this flaw by creating malicious symlinks that lead to unauthorized file writes. The identified issue has been resolved in subsequent releases: Nomad 1.7.4, 1.6.7, and 1.5.14, highlighting the importance of keeping software updated to mitigate such vulnerabilities.",Hashicorp,"Nomad,Nomad Enterprise",7.5,HIGH,0.0005099999834783375,false,,false,false,false,,,false,false,,2024-02-08T19:20:10.831Z,0 CVE-2024-1052,https://securityvulnerability.io/vulnerability/CVE-2024-1052,TLS Certificate Tampering Vulnerability in Boundary Enterprise,"Boundary and Boundary Enterprise by HashiCorp are susceptible to session hijacking due to vulnerabilities associated with TLS certificate tampering. An attacker with the capability to enumerate active or pending sessions may obtain a private key linked to a session and a valid trust on first use (TOFU) token. Leveraging this information, the attacker can craft a malicious TLS certificate to hijack an active session, leading to unauthorized access to the underlying services or applications. This vulnerability poses a significant risk to users and necessitates immediate attention.",Hashicorp,"Boundary,Boundary Enterprise",8,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2024-02-05T20:43:53.939Z,0 CVE-2024-0831,https://securityvulnerability.io/vulnerability/CVE-2024-0831,Vault May Expose Sensitive Information When Configuring An Audit Log Device,"Vault and Vault Enterprise (“Vault”) may expose sensitive information when enabling an audit device which specifies the `log_raw` option, which may log sensitive information to other audit devices, regardless of whether they are configured to use `log_raw`.",Hashicorp,"Vault,Vault Enterprise",6.5,MEDIUM,0.0013000000035390258,false,,false,false,false,,,false,false,,2024-02-01T02:15:00.000Z,0 CVE-2023-6337,https://securityvulnerability.io/vulnerability/CVE-2023-6337,Vault May be Vulnerable to a Denial of Service Through Memory Exhaustion When Handling Large HTTP Requests,"HashiCorp Vault and Vault Enterprise versions starting from 1.12.0 are susceptible to a denial of service threat. This vulnerability arises when the software processes large HTTP requests, both authenticated and unauthenticated, potentially exhausting the available memory on the host system. As Vault attempts to allocate memory for these requests, it can lead to crashes, impairing service availability. HashiCorp has addressed this vulnerability in versions 1.15.4, 1.14.8, and 1.13.12, making it crucial for users to update promptly.",HashiCorp,"Vault,Vault Enterprise",7.5,HIGH,0.0008800000068731606,false,,false,false,false,,,false,false,,2023-12-08T22:15:00.000Z,0