VYPR
Moderate severityNVD Advisory· Published Aug 13, 2021· Updated Aug 4, 2024

CVE-2021-38554

CVE-2021-38554

Description

HashiCorp Vault and Vault Enterprise’s UI erroneously cached and exposed user-viewed secrets between sessions in a single shared browser. Fixed in 1.8.0 and pending 1.7.4 / 1.6.6 releases.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/hashicorp/vaultGo
< 1.6.61.6.6
github.com/hashicorp/vaultGo
>= 1.7.0, < 1.7.41.7.4

Affected products

21

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.