Affected by GO-2022-0618
and 18 other vulnerabilities
GO-2022-0618: Hashicorp Vault Privilege Escalation Vulnerability in github.com/hashicorp/vault
GO-2022-0632: Improper Removal of Sensitive Information Before Storage or Transfer in HashiCorp Vault in github.com/hashicorp/vault
GO-2023-1708: HashiCorp Vault's PKI mount vulnerable to denial of service in github.com/hashicorp/vault
GO-2023-1849: Hashicorp Vault vulnerable to Cross-site Scripting in github.com/hashicorp/vault
GO-2023-1897: HashiCorp Vault's revocation list not respected in github.com/hashicorp/vault
GO-2023-1900: Hashicorp Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation in github.com/hashicorp/vault
GO-2023-1986: HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault
GO-2023-2088: Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability in github.com/hashicorp/vault
GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault
GO-2024-2617: Authentication bypass in github.com/hashicorp/vault
GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault
GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault
GO-2025-3663: Hashicorp Vault Community vulnerable to Generation of Error Message Containing Sensitive Information in github.com/hashicorp/vault
GO-2025-3836: Hashicorp Vault has Incorrect Validation for Non-CA Certificates in github.com/hashicorp/vault
GO-2025-3839: Hashicorp Vault has an Observable Discrepancy on Existing and Non-Existing Users in github.com/hashicorp/vault
GO-2025-3841: Hashicorp Vault's TOTP Secrets Engine Susceptible to Code Reuse in github.com/hashicorp/vault
GO-2025-3848: HashiCorp Vault ldap auth method may not have correctly enforced MFA in github.com/hashicorp/vault
GO-2025-3924: HashiCorp Vault Community Edition Denial of Service Though Complex JSON Payloads in github.com/hashicorp/vault
GO-2025-4070: HashiCorp Vault and Vault Enterprise's AWS Auth method may be susceptible to authentication bypass in github.com/hashicorp/vault
directory
Version:
v0.6.5
Opens a new window with list of versions in this module.
Published: Feb 7, 2017
License: MPL-2.0
Opens a new window with license information.
Directories
¶
|
|
|
Package certutil contains helper functions that are mostly used with the PKI backend but can be generally useful.
|
Package certutil contains helper functions that are mostly used with the PKI backend but can be generally useful. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Package forwarding is a generated protocol buffer package.
|
Package forwarding is a generated protocol buffer package. |
|
|
|
|
|
|
This package is used to implement Key Derivation Functions (KDF) based on the recommendations of NIST SP 800-108.
|
This package is used to implement Key Derivation Functions (KDF) based on the recommendations of NIST SP 800-108. |
|
|
|
|
|
|
|
|
|
|
|
|
Package mfa provides wrappers to add multi-factor authentication to any auth backend.
|
Package mfa provides wrappers to add multi-factor authentication to any auth backend. |
duo
Package duo provides a Duo MFA handler to authenticate users with Duo.
|
Package duo provides a Duo MFA handler to authenticate users with Duo. |
|
|
|
password is a package for reading a password securely from a terminal.
|
password is a package for reading a password securely from a terminal. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Click to show internal directories.
Click to hide internal directories.