GO-2023-1986
and 20 other vulnerabilities
GO-2023-1986 : HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault
GO-2023-2088 : Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability in github.com/hashicorp/vault
GO-2023-2329 : HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault
GO-2024-2617 : Authentication bypass in github.com/hashicorp/vault
GO-2024-2690 : HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault
GO-2024-2921 : HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault
GO-2024-2982 : Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault
GO-2024-3162 : Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault
GO-2024-3191 : Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault
GO-2024-3246 : Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault
GO-2025-3662 : Hashicorp Vault Community vulnerable to Incorrect Authorization in github.com/hashicorp/vault
GO-2025-3663 : Hashicorp Vault Community vulnerable to Generation of Error Message Containing Sensitive Information in github.com/hashicorp/vault
GO-2025-3836 : Hashicorp Vault has Incorrect Validation for Non-CA Certificates in github.com/hashicorp/vault
GO-2025-3837 : Hashicorp Vault has Privilege Escalation Vulnerability in github.com/hashicorp/vault
GO-2025-3838 : Hashicorp Vault has Code Execution Vulnerability via Plugin Configuration in github.com/hashicorp/vault
GO-2025-3839 : Hashicorp Vault has an Observable Discrepancy on Existing and Non-Existing Users in github.com/hashicorp/vault
GO-2025-3841 : Hashicorp Vault's TOTP Secrets Engine Susceptible to Code Reuse in github.com/hashicorp/vault
GO-2025-3842 : Hashicorp Vault has Login MFA Rate Limit Bypass Vulnerability in github.com/hashicorp/vault
GO-2025-3848 : HashiCorp Vault ldap auth method may not have correctly enforced MFA in github.com/hashicorp/vault
GO-2025-3924 : HashiCorp Vault Community Edition Denial of Service Though Complex JSON Payloads in github.com/hashicorp/vault
GO-2025-4070 : HashiCorp Vault and Vault Enterprise's AWS Auth method may be susceptible to authentication bypass in github.com/hashicorp/vault
Discover Packages
github.com/hashicorp/vault
helper
locking
package
Version:
v1.12.11
Opens a new window with list of versions in this module.
Published: Sep 11, 2023
License: MPL-2.0
Opens a new window with license information.
Imports: 2
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
DeadlockMutex (used when requested via config option `detact_deadlocks`),
behaves like a sync.Mutex but does periodic checking to see if outstanding
locks and requests look like a deadlock. If it finds a deadlock candidate it
will output it prefixed with "POTENTIAL DEADLOCK", as described at
https://github.com/sasha-s/go-deadlock
DeadlockRWMutex is the RW version of DeadlockMutex.
type Mutex interface {
Lock()
Unlock()
}
Common mutex interface to allow either built-in or imported deadlock use
type RWMutex interface {
Lock()
RLock()
RLocker() sync .Locker
RUnlock()
Unlock()
}
Common r/w mutex interface to allow either built-in or imported deadlock use
DeadlockRWMutex is the RW version of SyncMutex.
¶
Click to show internal directories.
Click to hide internal directories.
Affected by 
Documentation
¶
Source Files