Affected by GO-2022-0611
and 20 other vulnerabilities
GO-2022-0611: HashiCorp Vault Incorrect Permission Assignment for Critical Resource in github.com/hashicorp/vault
GO-2022-0618: Hashicorp Vault Privilege Escalation Vulnerability in github.com/hashicorp/vault
GO-2022-0623: Invalid session token expiration in github.com/hashicorp/vault
GO-2022-0632: Improper Removal of Sensitive Information Before Storage or Transfer in HashiCorp Vault in github.com/hashicorp/vault
GO-2022-0816: Improper Resource Shutdown or Release in HashiCorp Vault in github.com/hashicorp/vault
GO-2022-0825: Authentication Bypass by Spoofing and Insufficient Verification of Data Authenticity in Hashicorp Vault in github.com/hashicorp/vault
GO-2023-1685: HashiCorp Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File in github.com/hashicorp/vault
GO-2023-1708: HashiCorp Vault's PKI mount vulnerable to denial of service in github.com/hashicorp/vault
GO-2023-1849: Hashicorp Vault vulnerable to Cross-site Scripting in github.com/hashicorp/vault
GO-2023-1897: HashiCorp Vault's revocation list not respected in github.com/hashicorp/vault
GO-2023-1900: Hashicorp Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation in github.com/hashicorp/vault
GO-2023-1986: HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault
GO-2023-2088: Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability in github.com/hashicorp/vault
GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault
GO-2024-2485: HashiCorp Vault Improper Privilege Management in github.com/hashicorp/vault
GO-2024-2486: HashiCorp Vault Improper Privilege Management in github.com/hashicorp/vault
GO-2024-2488: HashiCorp Vault Authentication bypass in github.com/hashicorp/vault
GO-2024-2617: Authentication bypass in github.com/hashicorp/vault
GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault
GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault
GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault
Compress places the canary byte in a buffer and uses the same buffer to fill
in the compressed information of the given input. The configuration supports
two type of compression: LZW and Gzip. When using Gzip compression format,
if GzipCompressionLevel is not specified, the 'gzip.DefaultCompression' will
be assumed.
Decompress checks if the first byte in the input matches the canary byte.
If the first byte is a canary byte, then the input past the canary byte
will be decompressed using the method specified in the given configuration.
If the first byte isn't a canary byte, then the utility returns a boolean
value indicating that the input was not compressed.
SnappyReadCloser embeds the snappy reader which implements the io.Reader
interface. The decompress procedure in this utility expects an
io.ReadCloser. This type implements the io.Closer interface to retain the
generic way of decompression.
type CompressionConfig struct {
// Type of the compression algorithm to be used Type string// When using Gzip format, the compression level to employ GzipCompressionLevel int
}
CompressionConfig is used to select a compression type to be performed by
Compress and Decompress utilities.
Supported types are:
* CompressionTypeLZW
* CompressionTypeGzip
* CompressionTypeSnappy
* CompressionTypeLZ4
When using CompressionTypeGzip, the compression levels can also be chosen:
* gzip.DefaultCompression
* gzip.BestSpeed
* gzip.BestCompression
Affected by 
Documentation
¶
Source Files