An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/3xxx/CVE-2023-3774.json",
"cna_assigner": "HashiCorp",
"cwe_ids": [
"CWE-248"
],
"unresolved_ranges": [
{
"extracted_events": [
{
"introduced": "1.14.0"
},
{
"last_affected": "1.14.0"
},
{
"introduced": "1.13.4"
},
{
"last_affected": "1.13.4"
},
{
"introduced": "1.12.8"
},
{
"last_affected": "1.12.8"
}
],
"source": "AFFECTED_FIELD"
}
]
}{
"cpe": [
"cpe:2.3:a:hashicorp:vault:1.12.8:*:*:*:enterprise:*:*:*",
"cpe:2.3:a:hashicorp:vault:1.13.4:*:*:*:enterprise:*:*:*",
"cpe:2.3:a:hashicorp:vault:1.14.0:*:*:*:enterprise:*:*:*"
],
"source": "CPE_STRING",
"extracted_events": [
{
"introduced": "1.12.8"
},
{
"last_affected": "1.12.8"
},
{
"introduced": "1.13.4"
},
{
"last_affected": "1.13.4"
},
{
"introduced": "1.14.0"
},
{
"last_affected": "1.14.0"
}
]
}