Affected by GO-2022-0618
and 16 other vulnerabilities
GO-2022-0618: Hashicorp Vault Privilege Escalation Vulnerability in github.com/hashicorp/vault
GO-2022-0632: Improper Removal of Sensitive Information Before Storage or Transfer in HashiCorp Vault in github.com/hashicorp/vault
GO-2022-0825: Authentication Bypass by Spoofing and Insufficient Verification of Data Authenticity in Hashicorp Vault in github.com/hashicorp/vault
GO-2023-1685: HashiCorp Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File in github.com/hashicorp/vault
GO-2023-1708: HashiCorp Vault's PKI mount vulnerable to denial of service in github.com/hashicorp/vault
GO-2023-1709: Cache-timing attacks in Shamir's secret sharing in github.com/hashicorp/vault
GO-2023-1849: Hashicorp Vault vulnerable to Cross-site Scripting in github.com/hashicorp/vault
GO-2023-1897: HashiCorp Vault's revocation list not respected in github.com/hashicorp/vault
GO-2023-1900: Hashicorp Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation in github.com/hashicorp/vault
GO-2023-1986: HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault
GO-2023-2088: Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability in github.com/hashicorp/vault
GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault
GO-2024-2486: HashiCorp Vault Improper Privilege Management in github.com/hashicorp/vault
GO-2024-2488: HashiCorp Vault Authentication bypass in github.com/hashicorp/vault
GO-2024-2617: Authentication bypass in github.com/hashicorp/vault
GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault
GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault
const (
// ShareOverhead is the byte size overhead of each share// when using Split on a secret. This is caused by appending// a one byte tag to the share.
ShareOverhead = 1
)
Split takes an arbitrarily long secret and generates a `parts`
number of shares, `threshold` of which are required to reconstruct
the secret. The parts and threshold must be at least 2, and less
than 256. The returned shares are each one byte longer than the secret
as they attach a tag used to reconstruct the secret.