Affected by GO-2023-2329
and 19 other vulnerabilities
GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault
GO-2024-2617: Authentication bypass in github.com/hashicorp/vault
GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault
GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault
GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault
GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault
GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault
GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault
GO-2025-3662: Hashicorp Vault Community vulnerable to Incorrect Authorization in github.com/hashicorp/vault
GO-2025-3663: Hashicorp Vault Community vulnerable to Generation of Error Message Containing Sensitive Information in github.com/hashicorp/vault
GO-2025-3836: Hashicorp Vault has Incorrect Validation for Non-CA Certificates in github.com/hashicorp/vault
GO-2025-3837: Hashicorp Vault has Privilege Escalation Vulnerability in github.com/hashicorp/vault
GO-2025-3838: Hashicorp Vault has Code Execution Vulnerability via Plugin Configuration in github.com/hashicorp/vault
GO-2025-3839: Hashicorp Vault has an Observable Discrepancy on Existing and Non-Existing Users in github.com/hashicorp/vault
GO-2025-3840: Hashicorp Vault has Lockout Feature Authentication Bypass in github.com/hashicorp/vault
GO-2025-3841: Hashicorp Vault's TOTP Secrets Engine Susceptible to Code Reuse in github.com/hashicorp/vault
GO-2025-3842: Hashicorp Vault has Login MFA Rate Limit Bypass Vulnerability in github.com/hashicorp/vault
GO-2025-3848: HashiCorp Vault ldap auth method may not have correctly enforced MFA in github.com/hashicorp/vault
GO-2025-3924: HashiCorp Vault Community Edition Denial of Service Though Complex JSON Payloads in github.com/hashicorp/vault
GO-2025-4070: HashiCorp Vault and Vault Enterprise's AWS Auth method may be susceptible to authentication bypass in github.com/hashicorp/vault
package
Version:
v1.14.3
Opens a new window with list of versions in this module.
Published: Sep 11, 2023
License: MPL-2.0
Opens a new window with license information.
Imports: 11
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
README
¶
Vault Agent
Vault Agent is a client daemon that provides Auth-Auth, Caching, and Template
features.
Vault Agent provides a number of different helper features, specifically
addressing the following challenges:
- Automatic authentication
- Secure delivery/storage of tokens
- Lifecycle management of these tokens (renewal & re-authentication)
See the usage documentation on the Vault website here:
Documentation
¶
Package agent implements a daemon mode of Vault designed to provide helper
features like auto-auth, caching, and templating.
Agent has it's own configuration stanza and operates as a proxy to a Vault
service.
Source Files
¶
Directories
¶
|
|
|
|
|
|
|
|
|
internal
|
|
|
|
|
Package template is responsible for rendering user supplied templates to disk.
|
Package template is responsible for rendering user supplied templates to disk. |
Click to show internal directories.
Click to hide internal directories.