hashicorp

201 tracked vulnerabilities.

CVE-2020-25864 MEDIUM NUCLEI
HashiCorp Consul < 1.7.14, 1.8.0-1.8.9, 1.9.0-1.9.4 - Stored Cross-Site Scripting in KV Raw Mode
Apr 20, 2021
CVSS 6.1
EPSS 0.83
CVE-2020-25594 MEDIUM
HashiCorp Vault <1.6.2-1.5.7 - Info Disclosure
Feb 01, 2021
CVSS 5.3
EPSS 0.00
CVE-2020-8567 MEDIUM
Google Secret Manager Provider For Secret Store Csi Driver < 0.2.0 - Path Traversal
Jan 21, 2021
CVSS 4.9
EPSS 0.00
CVE-2020-35453 MEDIUM
HashiCorp Vault Enterprise - Privilege Escalation
Dec 17, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-35177 MEDIUM
HashiCorp Vault <1.5.6, <1.6.1 - Info Disclosure
Dec 17, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-35192 CRITICAL
Vault Docker <0.11.6 - Privilege Escalation
Dec 17, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-29564 CRITICAL
Consul Docker <1.4.2 - Privilege Escalation
Dec 08, 2020
CVSS 9.8
EPSS 0.50
CVE-2020-29529 HIGH
HashiCorp go-slug <0.5.0 - Path Traversal
Dec 03, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-28348 MEDIUM
HashiCorp Nomad 0.9.0-0.12.7 - Path Traversal via Docker File Sandbox
Nov 24, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-28053 MEDIUM
HashiCorp Consul 1.2.0-1.8.5 - Incorrect Authorization for Connect CA Private Key
Nov 23, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-25201 HIGH
HashiCorp Consul 1.7.0-1.8.4 - Denial of Service via Namespace Replication Raft Writes
Nov 04, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-27195 CRITICAL
HashiCorp Nomad <0.12.5 - Code Injection
Oct 22, 2020
CVSS 9.1
EPSS 0.00
CVE-2020-25816 MEDIUM
HashiCorp Vault <1.4.7, <1.5.4 - Info Disclosure
Sep 30, 2020
CVSS 6.8
EPSS 0.00
CVE-2020-16251 HIGH
HashiCorp Vault 0.8.3-1.2.4 - Authentication Bypass via GCP GCE Auth Method
Aug 26, 2020
CVSS 8.2
EPSS 0.01
CVE-2020-16250 HIGH
HashiCorp Vault 0.7.1-1.2.4 - Authentication Bypass via AWS IAM Auth Method
Aug 26, 2020
CVSS 8.2
EPSS 0.02
CVE-2020-24359 HIGH
HashiCorp vault-ssh-helper <0.2.0 - Info Disclosure
Aug 20, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-15511 MEDIUM
HashiCorp Terraform Enterprise <202006-1 - Auth Bypass
Jul 30, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-13250 HIGH
HashiCorp Consul <1.6.6, <1.7.4 - DoS
Jun 11, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-13170 HIGH
HashiCorp Consul <1.6.6-1.7.4 - Privilege Escalation
Jun 11, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-12797 MEDIUM
HashiCorp Consul <1.6.6-1.7.4 - Info Disclosure
Jun 11, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-12758 HIGH
HashiCorp Consul <1.6.6-1.7.4 - DoS
Jun 11, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-13223 HIGH
HashiCorp Vault <1.3.6, <1.4.2 - Info Disclosure
Jun 10, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-12757 CRITICAL
HashiCorp Vault <1.4.2 - Info Disclosure
Jun 10, 2020
CVSS 9.8
EPSS 0.00
CVE-2020-10944 MEDIUM
HashiCorp Nomad < 0.10.5 - Stored Cross-Site Scripting via Malicious Workload Files
Apr 28, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-10661 CRITICAL
HashiCorp Vault <1.3.3 - Info Disclosure
Mar 23, 2020
CVSS 9.1
EPSS 0.00
Products
vault 72 nomad 38 consul 36 go-getter 10 vagrant_vmware_fusion 7 boundary 6 terraform 5 terraform_enterprise 5 Vault 4 Vault Enterprise 4 vagrant 4 Tooling 3 Consul 2 Consul Enterprise 2 Nomad 2 Nomad Enterprise 2 Shared library 2 go-slug 2 sentinel 2 terraform_provider 2 Boundary 1 Boundary Enterprise 1 consul-template 1 consul_docker_image 1 consul_template 1 go-retryablehttp 1 hermes 1 nomad-driver-exec2 1 packer 1 retryablehttp 1
Quick Filters
Critical CVEs With Exploits In CISA KEV