hashicorp
208 tracked vulnerabilities.
CVE-2022-24686
MEDIUM
HashiCorp Nomad <1.0.17-1.2.5 - Info Disclosure
Feb 14, 2022
CVSS 5.9
EPSS 0.01
CVE-2021-41803
HIGH
HashiCorp Consul 1.8.1-1.11.8, 1.12.4, 1.13.1 - Missing Authorization via JWT Claim Assertion
Sep 23, 2022
CVSS 7.1
EPSS 0.01
CVE-2021-44139
HIGH
NUCLEI
Sentinel 1.8.2 - Server-Side Request Forgery
Mar 23, 2022
CVSS 7.5
EPSS 0.06
CVE-2021-45042
MEDIUM
HashiCorp Vault 1.4.0-1.7.6, 1.8.0-1.8.5, 1.9.0 - Authenticated Denial of Service via KV Secrets Engine
Dec 17, 2021
CVSS 4.9
EPSS 0.01
CVE-2021-41805
HIGH
HashiCorp Consul Enterprise < 1.8.17, 1.9.x < 1.9.11, 1.10.x < 1.10.4 - Incorrect Access Control via Namespace ACL Token
Dec 12, 2021
CVSS 8.8
EPSS 0.35
CVE-2021-43415
HIGH
HashiCorp Nomad <1.0.13, 1.1.7, 1.2.0 - Auth Bypass
Dec 03, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-43998
MEDIUM
HashiCorp Vault <1.7.5-1.8.4 - Info Disclosure
Nov 30, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-42135
HIGH
HashiCorp Vault 1.8.0-1.8.4 - Improper Privilege Management via Glob Policy Interaction
Oct 11, 2021
CVSS 8.1
EPSS 0.01
CVE-2021-41802
LOW
HashiCorp Vault < 1.7.5 - Privilege Escalation via Entity Alias Merging
Oct 08, 2021
CVSS 2.9
EPSS 0.01
CVE-2021-41865
MEDIUM
Nomad 1.1.1-1.1.5 - Authenticated Denial of Service via Incomplete Job Specification with Consul Mesh Gateway
Oct 07, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-40862
HIGH
HashiCorp Terraform Enterprise <202109-1 - Info Disclosure
Sep 15, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-38698
MEDIUM
HashiCorp Consul < 1.8.15, 1.10.1 - Missing Authorization in Txn.Apply Endpoint
Sep 07, 2021
CVSS 6.5
EPSS 0.02
CVE-2021-37219
HIGH
HashiCorp Consul <1.8.15, 1.10.1 - Privilege Escalation via Raft RPC Layer
Sep 07, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-37218
HIGH
HashiCorp Nomad < 1.0.10 - Privilege Escalation via Raft RPC Layer
Sep 07, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-27668
MEDIUM
HashiCorp Vault Enterprise <1.6.2 - Info Disclosure
Aug 31, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-38554
MEDIUM
HashiCorp Vault <1.8.0 - Info Disclosure
Aug 13, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-38553
MEDIUM
HashiCorp Vault <1.8.0 - Info Disclosure
Aug 13, 2021
CVSS 4.4
EPSS 0.00
CVE-2021-36230
HIGH
HashiCorp Terraform Enterprise <v202107-1 - Privilege Escalation
Jul 20, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-36213
HIGH
HashiCorp Consul <1.9.8-1.10.1 - DoS
Jul 17, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-32574
HIGH
HashiCorp Consul 1.3.0-1.10.0 - Improper Certificate Validation in Envoy Proxy TLS Configuration
Jul 17, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-32575
MEDIUM
HashiCorp Nomad <1.0.4 - Privilege Escalation
Jun 17, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-32923
HIGH
HashiCorp Vault <1.5.9, <1.6.5, <1.7.2 - Info Disclosure
Jun 03, 2021
CVSS 7.4
EPSS 0.01
CVE-2021-32074
HIGH
HashiCorp vault-action < 2.2.0 - Sensitive Information Exposure via Multi-Line Secret Log Masking Bypass
May 07, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-30476
CRITICAL
HashiCorp Terraform's Vault Provider - Auth Bypass
Apr 22, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-29653
HIGH
HashiCorp Vault 1.5.1-1.5.7 - Improper Certificate Validation in PKI Engine CRL Generation
Apr 22, 2021
CVSS 7.5
EPSS 0.01
Products
vault 72
nomad 38
consul 36
go-getter 10
vagrant_vmware_fusion 7
boundary 6
Nomad 5
Nomad Enterprise 5
Vault 5
Vault Enterprise 5
terraform 5
terraform_enterprise 5
Tooling 4
vagrant 4
Shared library 3
Consul 2
Consul Enterprise 2
go-slug 2
sentinel 2
terraform_provider 2
Boundary 1
Boundary Enterprise 1
Terraform Enterprise 1
consul-template 1
consul_docker_image 1
consul_template 1
go-retryablehttp 1
hermes 1
nomad-driver-exec2 1
packer 1
Quick Filters