hashicorp
208 tracked vulnerabilities.
CVE-2022-3866
MEDIUM
HashiCorp Nomad <1.4.2 - Info Disclosure
Nov 10, 2022
CVSS 5.0
EPSS 0.01
CVE-2022-36182
MEDIUM
Hashicorp Boundary < 0.11.0 - Clickjacking
Oct 27, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-41316
MEDIUM
HashiCorp Vault <1.12.0-1.9.10 - Info Disclosure
Oct 12, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-41606
MEDIUM
HashiCorp Nomad <1.2.12, <1.3.5 - DoS
Oct 12, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-42717
HIGH
Vagrant < 2.3.1 - Local Privilege Escalation via Sudoers Configuration
Oct 11, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-40716
MEDIUM
HashiCorp Consul <1.11.8-1.13.1 - Privilege Escalation
Sep 23, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-40186
CRITICAL
HashiCorp Vault < 1.9.9 and 1.11.0-1.11.3 - Authorization Bypass via Entity Alias Metadata Overwrite
Sep 22, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-36130
CRITICAL
HashiCorp Boundary <0.10.1 - Privilege Escalation
Sep 01, 2022
CVSS 9.9
EPSS 0.00
CVE-2022-38149
HIGH
HashiCorp Consul Template <0.27.2, 0.28.2, 0.29.1 - Info Disclosure
Aug 17, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-36129
CRITICAL
HashiCorp Vault Enterprise <1.9.8, <1.10.5, <1.11.1 - Privilege Esc...
Jul 26, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-30324
CRITICAL
HashiCorp Nomad 0.2.0-1.3.0 - Privilege Escalation via Artifact Stanza in Job Submission
Jun 02, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-30323
HIGH
go-getter <1.6.1, <2.1.0 - Info Disclosure
May 25, 2022
CVSS 8.6
EPSS 0.01
CVE-2022-30322
HIGH
go-getter < 1.5.11 and 2.0.2 - Asymmetric Resource Exhaustion via Malicious HTTP Responses
May 25, 2022
CVSS 8.6
EPSS 0.01
CVE-2022-30321
HIGH
HashiCorp go-getter < 1.5.11, 2.0.2 - Path Traversal and Command Injection
May 25, 2022
CVSS 8.6
EPSS 0.03
CVE-2022-26945
CRITICAL
go-getter <1.6.1-2.1.0 - Open Redirect
May 25, 2022
CVSS 9.8
EPSS 0.02
CVE-2022-30689
MEDIUM
HashiCorp Vault <1.10.2 - Info Disclosure
May 17, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-29810
MEDIUM
Hashicorp go-getter < 1.5.11 - Sensitive Information Disclosure in Log Files
Apr 27, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-29153
HIGH
NUCLEI
HashiCorp Consul <1.9.16-1.11.4 - SSRF
Apr 19, 2022
CVSS 7.5
EPSS 0.09
CVE-2022-25244
MEDIUM
HashiCorp Vault 1.7.0-1.7.9 - Authenticated Transform Key Exposure via Configuration Endpoint
Mar 10, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-25243
MEDIUM
Vault 1.8.0-1.8.8 and 1.9.3 - Improper Certificate Validation in PKI Secrets Engine
Mar 10, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-24685
HIGH
HashiCorp Nomad <1.0.17-1.2.5 - DoS
Feb 28, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-25374
HIGH
Terraform Enterprise < 202202-1 - Sensitive Data Exposure via HTTP Request Logging
Feb 25, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-24687
MEDIUM
HashiCorp Consul <1.9.14-1.11.2 - Privilege Escalation
Feb 24, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-24683
HIGH
HashiCorp Nomad <1.2.5 - Info Disclosure
Feb 17, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-24684
MEDIUM
HashiCorp Nomad 0.9.0-1.0.16 1.1.11 1.2.5 - Denial of Service via Spread Job Stanza
Feb 15, 2022
CVSS 6.5
EPSS 0.01
Products
vault 72
nomad 38
consul 36
go-getter 10
vagrant_vmware_fusion 7
boundary 6
Nomad 5
Nomad Enterprise 5
Vault 5
Vault Enterprise 5
terraform 5
terraform_enterprise 5
Tooling 4
vagrant 4
Shared library 3
Consul 2
Consul Enterprise 2
go-slug 2
sentinel 2
terraform_provider 2
Boundary 1
Boundary Enterprise 1
Terraform Enterprise 1
consul-template 1
consul_docker_image 1
consul_template 1
go-retryablehttp 1
hermes 1
nomad-driver-exec2 1
packer 1
Quick Filters