chainguard/vault-fips-1.16

Vulnerabilities (23)

• CVE-2024-45338MedDec 18, 2024
  affected < 1.16.3-r10fixed 1.16.3-r10

  An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

• CVE-2024-45337CriDec 12, 2024
  affected < 1.16.3-r9fixed 1.16.3-r9

  Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that

• CVE-2024-51744LowNov 4, 2024
  affected < 1.16.3-r8fixed 1.16.3-r8

  golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors r

• CVE-2024-34158HigSep 6, 2024
  affected < 1.16.3-r5fixed 1.16.3-r5

  Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

• CVE-2024-34156HigSep 6, 2024
  affected < 1.16.3-r5fixed 1.16.3-r5

  Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

• CVE-2024-34155MedSep 6, 2024
  affected < 1.16.3-r5fixed 1.16.3-r5

  Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.

• CVE-2024-24791HigJul 2, 2024
  affected < 1.16.3-r3fixed 1.16.3-r3

  The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the co

• CVE-2024-6104Jun 24, 2024
  affected < 1.16.3-r1fixed 1.16.3-r1

  go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.

• CVE-2024-35255Jun 11, 2024
  affected < 1.16.2-r1fixed 1.16.2-r1

  Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability

• CVE-2024-24789Jun 5, 2024
  affected < 1.16.2-r1fixed 1.16.2-r1

  The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip pac

• CVE-2024-24790Jun 5, 2024
  affected < 1.16.2-r1fixed 1.16.2-r1

  The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.

• CVE-2024-2660Apr 4, 2024
  affected < 0fixed 0

  Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. This vulnerability, CVE-2024-2660, affects Vault and Vault Enterprise 1.14.0 and above, and is fixed in Vault 1.16.0 and Vault Enterpri

• CVE-2024-2048Mar 4, 2024
  affected < 0fixed 0

  Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate. In this configuration, an attacker may be able to craft a malicious certificate that could be used to

• CVE-2023-5954Nov 9, 2023
  affected < 0fixed 0

  HashiCorp Vault and Vault Enterprise inbound client requests triggering a policy check can lead to an unbounded consumption of memory. A large number of these requests may lead to denial-of-service. Fixed in Vault 1.15.2, 1.14.6, and 1.13.10.

• CVE-2023-5077Sep 28, 2023
  affected < 0fixed 0

  The Vault and Vault Enterprise ("Vault") Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. Fixed in Vault 1.13.0.

• CVE-2023-3462Jul 31, 2023
  affected < 0fixed 0

  HashiCorp's Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. An attacker may submit requests of existent and non-existent LDAP users and observe the response from Vault to check if the account is valid on the LDAP server. This vulnera

• CVE-2023-2121Jun 9, 2023
  affected < 0fixed 0

  Vault and Vault Enterprise's (Vault) key-value v2 (kv-v2) diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerability, CVE-2023-2121, is fixed in Vault 1.14.0, 1.13.3, 1.12.7, and 1.11.11.

• CVE-2023-0665Mar 30, 2023
  affected < 0fixed 0

  HashiCorp Vault's PKI mount issuer endpoints did not correctly authorize access to remove an issuer or modify issuer metadata, potentially resulting in denial of service of the PKI mount. This bug did not affect public or private key material, trust chains or certificate issuance

• CVE-2023-25000Mar 30, 2023
  affected < 0fixed 0

  HashiCorp Vault's implementation of Shamir's secret sharing used precomputed table lookups, and was vulnerable to cache-timing attacks. An attacker with access to, and the ability to observe a large number of unseal operations on the host through a side channel may reduce the sea

• CVE-2023-24999Mar 10, 2023
  affected < 0fixed 0

  HashiCorp Vault and Vault Enterprise’s approle auth method allowed any authenticated user with access to an approle destroy endpoint to destroy the secret ID of any other role by providing the secret ID accessor. This vulnerability is fixed in Vault 1.13.0, 1.12.4, 1.11.8, 1.10.1