BIT-vault-2023-5954

Import Source
https://github.com/bitnami/vulndb/tree/main/data/vault/BIT-vault-2023-5954.json
Aliases
Published
2024-03-06T11:08:11.600Z
Modified
2024-03-06T11:25:28.861Z
Summary
[none]
Details

HashiCorp Vault and Vault Enterprise inbound client requests triggering a policy check can lead to an unbounded consumption of memory. A large number of these requests may lead to denial-of-service. Fixed in Vault 1.15.2, 1.14.6, and 1.13.10.

References

Affected packages

Bitnami / vault

Package

Name
vault

Affected ranges

Type
SEMVER
Events
Introduced
1.13.7
Fixed
1.13.10
Introduced
1.14.3
Fixed
1.14.6
Introduced
1.15.0
Fixed
1.15.2