healthcheck

Oct 8, 2024 GO-2024-3246

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Sep 16, 2024 GO-2024-3191 +1 more

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Sep 25, 2024 GO-2024-3191 +1 more

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Aug 30, 2024 GO-2024-3162 +2 more

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Aug 29, 2024 GO-2024-3113 +3 more

  GO-2024-3113: Vault Leaks Client Token and Token Accessor in Audit Devices in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Aug 6, 2024 GO-2024-3113 +3 more

  GO-2024-3113: Vault Leaks Client Token and Token Accessor in Audit Devices in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Jul 5, 2024 GO-2024-3162 +2 more

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Jun 25, 2024 GO-2024-2982 +3 more

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Jun 10, 2024 GO-2024-2982 +3 more

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

May 28, 2024 GO-2024-2921 +4 more

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

May 29, 2024 GO-2024-3162 +2 more

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Apr 22, 2024 GO-2024-2921 +4 more

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Apr 3, 2024 GO-2024-2921 +4 more

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Mar 25, 2024 GO-2024-2921 +4 more

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Mar 11, 2024 GO-2024-2690 +5 more

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Feb 20, 2024 GO-2024-2690 +5 more

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Feb 12, 2024 GO-2024-2690 +5 more

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Feb 28, 2024 GO-2024-2690 +5 more

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Jan 26, 2024 GO-2024-2690 +5 more

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Dec 5, 2023 GO-2024-2511 +7 more

  GO-2024-2511: Hashicorp Vault may expose sensitive log information in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Nov 22, 2023 GO-2023-2399 +8 more

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2511: Hashicorp Vault may expose sensitive log information in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Nov 6, 2023 GO-2023-2399 +8 more

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2511: Hashicorp Vault may expose sensitive log information in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Oct 20, 2023 GO-2023-2329 +9 more

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2511: Hashicorp Vault may expose sensitive log information in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Sep 22, 2023 GO-2023-2329 +9 more

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2511: Hashicorp Vault may expose sensitive log information in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Sep 11, 2023 GO-2024-2690 +5 more

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Feb 28, 2024 GO-2024-2690 +5 more

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Jan 29, 2024 GO-2024-2617 +6 more

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Dec 5, 2023 GO-2024-2617 +6 more

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Nov 21, 2023 GO-2023-2399 +7 more

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Nov 6, 2023 GO-2023-2399 +7 more

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Oct 20, 2023 GO-2023-2329 +8 more

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Sep 22, 2023 GO-2023-2329 +8 more

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Sep 11, 2023 GO-2023-2329 +8 more

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Aug 24, 2023 GO-2023-2063 +9 more

  GO-2023-2063: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Jul 21, 2023 GO-2023-2063 +9 more

  GO-2023-2063: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Jun 19, 2023 GO-2023-1986 +10 more

  GO-2023-1986: HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault

  GO-2023-2063: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Changes in this version

+ type AllowAcmeHeaders struct

+ AcmeConfigFetcher *PathFetch

+ Enabled bool

+ TuneData map[string]interface{}

+ TuneFetcher *PathFetch

+ UnsupportedVersion bool

+ func (h *AllowAcmeHeaders) DefaultConfig() map[string]interface{}

+ func (h *AllowAcmeHeaders) Evaluate(e *Executor) ([]*Result, error)

+ func (h *AllowAcmeHeaders) FetchResources(e *Executor) error

+ func (h *AllowAcmeHeaders) IsEnabled() bool

+ func (h *AllowAcmeHeaders) LoadConfig(config map[string]interface{}) error

+ func (h *AllowAcmeHeaders) Name() string

type Check

+ func NewAllowAcmeHeaders() Check

+ func NewEnableAcmeIssuance() Check

+ type EnableAcmeIssuance struct

+ AcmeConfigFetcher *PathFetch

+ ClusterConfigFetcher *PathFetch

+ Enabled bool

+ RootIssuers int

+ TotalIssuers int

+ UnsupportedVersion bool

+ func (h *EnableAcmeIssuance) DefaultConfig() map[string]interface{}

+ func (h *EnableAcmeIssuance) Evaluate(e *Executor) (results []*Result, err error)

+ func (h *EnableAcmeIssuance) FetchResources(e *Executor) error

+ func (h *EnableAcmeIssuance) IsEnabled() bool

+ func (h *EnableAcmeIssuance) LoadConfig(config map[string]interface{}) error

+ func (h *EnableAcmeIssuance) Name() string

Jun 7, 2023 GO-2024-2617 +6 more

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Jan 29, 2024 GO-2024-2617 +6 more

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Dec 5, 2023 GO-2024-2617 +6 more

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Nov 21, 2023 GO-2023-2399 +7 more

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Nov 6, 2023 GO-2023-2399 +7 more

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Oct 20, 2023 GO-2023-2329 +8 more

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Sep 22, 2023 GO-2023-2329 +8 more

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Sep 11, 2023 GO-2023-2329 +8 more

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Aug 24, 2023 GO-2023-2063 +9 more

  GO-2023-2063: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Jul 21, 2023 GO-2023-2063 +9 more

  GO-2023-2063: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Jun 19, 2023 GO-2023-1986 +10 more

  GO-2023-1986: HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault

  GO-2023-2063: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Jun 7, 2023 GO-2023-1986 +10 more

  GO-2023-1986: HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault

  GO-2023-2063: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Apr 25, 2023 GO-2023-1849 +11 more

  GO-2023-1849: Hashicorp Vault vulnerable to Cross-site Scripting in github.com/hashicorp/vault

  GO-2023-1986: HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault

  GO-2023-2063: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Mar 23, 2023 GO-2023-1849 +11 more

  GO-2023-1849: Hashicorp Vault vulnerable to Cross-site Scripting in github.com/hashicorp/vault

  GO-2023-1986: HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault

  GO-2023-2063: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Mar 1, 2023 GO-2023-1685 +14 more

  GO-2023-1685: HashiCorp Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File in github.com/hashicorp/vault

  GO-2023-1708: HashiCorp Vault's PKI mount vulnerable to denial of service in github.com/hashicorp/vault

  GO-2023-1709: Cache-timing attacks in Shamir's secret sharing in github.com/hashicorp/vault

  GO-2023-1849: Hashicorp Vault vulnerable to Cross-site Scripting in github.com/hashicorp/vault

  GO-2023-1986: HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault

  GO-2023-2063: HashiCorp Vault Improper Input Validation vulnerability in github.com/hashicorp/vault

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Changes in this version

+ var HiddenReqParams = []string

+ var HiddenRespParams = []string

+ var NameResultStatusMap = map[string]ResultStatus

+ var ResultStatusNameMap = map[ResultStatus]string

+ var VisibleReqParams = []string

+ var VisibleRespParams = []string

+ func FormatDuration(d time.Duration) string

+ func ParsePEMCert(contents string) (*x509.Certificate, error)

+ func StringList(source interface{}) ([]string, error)

+ type AllowIfModifiedSince struct

+ Enabled bool

+ Fetcher *PathFetch

+ TuneData map[string]interface{}

+ UnsupportedVersion bool

+ func (h *AllowIfModifiedSince) DefaultConfig() map[string]interface{}

+ func (h *AllowIfModifiedSince) Evaluate(e *Executor) (results []*Result, err error)

+ func (h *AllowIfModifiedSince) FetchResources(e *Executor) error

+ func (h *AllowIfModifiedSince) IsEnabled() bool

+ func (h *AllowIfModifiedSince) LoadConfig(config map[string]interface{}) error

+ func (h *AllowIfModifiedSince) Name() string

+ type AuditVisibility struct

+ Enabled bool

+ Fetcher *PathFetch

+ IgnoredParameters map[string]bool

+ TuneData map[string]interface{}

+ UnsupportedVersion bool

+ func (h *AuditVisibility) DefaultConfig() map[string]interface{}

+ func (h *AuditVisibility) Evaluate(e *Executor) (results []*Result, err error)

+ func (h *AuditVisibility) FetchResources(e *Executor) error

+ func (h *AuditVisibility) IsEnabled() bool

+ func (h *AuditVisibility) LoadConfig(config map[string]interface{}) error

+ func (h *AuditVisibility) Name() string

+ type CAValidityPeriod struct

+ Enabled bool

+ IntermediateExpieries map[ResultStatus]time.Duration

+ Issuers map[string]*x509.Certificate

+ RootExpiries map[ResultStatus]time.Duration

+ UnsupportedVersion bool

+ func (h *CAValidityPeriod) DefaultConfig() map[string]interface{}

+ func (h *CAValidityPeriod) Evaluate(e *Executor) (results []*Result, err error)

+ func (h *CAValidityPeriod) FetchResources(e *Executor) error

+ func (h *CAValidityPeriod) IsEnabled() bool

+ func (h *CAValidityPeriod) LoadConfig(config map[string]interface{}) error

+ func (h *CAValidityPeriod) Name() string

+ type CRLValidityPeriod struct

+ CRLConfig *PathFetch

+ CRLExpiryPercentage int

+ CRLs map[string]*x509.RevocationList

+ DeltaCRLExpiryPercentage int

+ DeltaCRLs map[string]*x509.RevocationList

+ Enabled bool

+ NoDeltas bool

+ UnsupportedVersion bool

+ func (h *CRLValidityPeriod) DefaultConfig() map[string]interface{}

+ func (h *CRLValidityPeriod) Evaluate(e *Executor) (results []*Result, err error)

+ func (h *CRLValidityPeriod) FetchResources(e *Executor) error

+ func (h *CRLValidityPeriod) IsEnabled() bool

+ func (h *CRLValidityPeriod) LoadConfig(config map[string]interface{}) error

+ func (h *CRLValidityPeriod) Name() string

+ type Check interface

+ DefaultConfig func() map[string]interface{}

+ Evaluate func(e *Executor) ([]*Result, error)

+ FetchResources func(e *Executor) error

+ IsEnabled func() bool

+ LoadConfig func(config map[string]interface{}) error

+ Name func() string

+ func NewAllowIfModifiedSinceCheck() Check

+ func NewAuditVisibilityCheck() Check

+ func NewCAValidityPeriodCheck() Check

+ func NewCRLValidityPeriodCheck() Check

+ func NewEnableAutoTidyCheck() Check

+ func NewHardwareBackedRootCheck() Check

+ func NewRoleAllowsGlobWildcardsCheck() Check

+ func NewRoleAllowsLocalhostCheck() Check

+ func NewRoleNoStoreFalseCheck() Check

+ func NewRootIssuedLeavesCheck() Check

+ func NewTidyLastRunCheck() Check

+ func NewTooManyCertsCheck() Check

+ type EnableAutoTidy struct

+ Enabled bool

+ IntervalDurationCritical time.Duration

+ IntervalDurationWarning time.Duration

+ PauseDurationCritical time.Duration

+ PauseDurationWarning time.Duration

+ TidyConfig *PathFetch

+ UnsupportedVersion bool

+ func (h *EnableAutoTidy) DefaultConfig() map[string]interface{}

+ func (h *EnableAutoTidy) Evaluate(e *Executor) (results []*Result, err error)

+ func (h *EnableAutoTidy) FetchResources(e *Executor) error

+ func (h *EnableAutoTidy) IsEnabled() bool

+ func (h *EnableAutoTidy) LoadConfig(config map[string]interface{}) error

+ func (h *EnableAutoTidy) Name() string

+ type Executor struct

+ Checkers []Check

+ Client *api.Client

+ Config map[string]map[string]interface{}

+ DefaultEnabled bool

+ Mount string

+ Resources map[string]map[logical.Operation]*PathFetch

+ func NewExecutor(client *api.Client, mount string) *Executor

+ func (e *Executor) AddCheck(c Check)

+ func (e *Executor) BuildConfig(external map[string]interface{}) error

+ func (e *Executor) Execute() (map[string][]*Result, error)

+ func (e *Executor) FetchIfNotFetched(op logical.Operation, rawPath string) (*PathFetch, error)

+ type HardwareBackedRoot struct

+ Enabled bool

+ FetchIssues map[string]*PathFetch

+ IssuerKeyMap map[string]string

+ KeyIsManaged map[string]string

+ UnsupportedVersion bool

+ func (h *HardwareBackedRoot) DefaultConfig() map[string]interface{}

+ func (h *HardwareBackedRoot) Evaluate(e *Executor) (results []*Result, err error)

+ func (h *HardwareBackedRoot) FetchResources(e *Executor) error

+ func (h *HardwareBackedRoot) IsEnabled() bool

+ func (h *HardwareBackedRoot) LoadConfig(config map[string]interface{}) error

+ func (h *HardwareBackedRoot) Name() string

+ type PathFetch struct

+ FetchError error

+ Operation logical.Operation

+ ParsedCache map[string]interface{}

+ Path string

+ Response *api.Response

+ Secret *api.Secret

+ SecretParseError error

+ func (p *PathFetch) FetchSurfaceError() error

+ func (p *PathFetch) Is404NotFound() bool

+ func (p *PathFetch) IsMissingResource() bool

+ func (p *PathFetch) IsOK() bool

+ func (p *PathFetch) IsSecretOK() bool

+ func (p *PathFetch) IsSecretPermissionsError() bool

+ func (p *PathFetch) IsUnsupportedPathError() bool

+ type Result struct

+ Endpoint string

+ Message string

+ Status ResultStatus

+ StatusDisplay string

+ type ResultStatus int

+ const ResultCritical

+ const ResultInformational

+ const ResultInsufficientPermissions

+ const ResultInvalidVersion

+ const ResultNotApplicable

+ const ResultOK

+ const ResultWarning

+ type RoleAllowsGlobWildcards struct

+ Enabled bool

+ RoleEntryMap map[string]map[string]interface{}

+ RoleFetchIssues map[string]*PathFetch

+ RoleListFetchIssue *PathFetch

+ UnsupportedVersion bool

+ func (h *RoleAllowsGlobWildcards) DefaultConfig() map[string]interface{}

+ func (h *RoleAllowsGlobWildcards) Evaluate(e *Executor) (results []*Result, err error)

+ func (h *RoleAllowsGlobWildcards) FetchResources(e *Executor) error

+ func (h *RoleAllowsGlobWildcards) IsEnabled() bool

+ func (h *RoleAllowsGlobWildcards) LoadConfig(config map[string]interface{}) error

+ func (h *RoleAllowsGlobWildcards) Name() string

+ type RoleAllowsLocalhost struct

+ Enabled bool

+ RoleEntryMap map[string]map[string]interface{}

+ RoleFetchIssues map[string]*PathFetch

+ RoleListFetchIssue *PathFetch

+ UnsupportedVersion bool

+ func (h *RoleAllowsLocalhost) DefaultConfig() map[string]interface{}

+ func (h *RoleAllowsLocalhost) Evaluate(e *Executor) (results []*Result, err error)

+ func (h *RoleAllowsLocalhost) FetchResources(e *Executor) error

+ func (h *RoleAllowsLocalhost) IsEnabled() bool

+ func (h *RoleAllowsLocalhost) LoadConfig(config map[string]interface{}) error

+ func (h *RoleAllowsLocalhost) Name() string

+ type RoleNoStoreFalse struct

+ AllowedRoles map[string]bool

+ CRLConfig *PathFetch

+ Enabled bool

+ RoleEntryMap map[string]map[string]interface{}

+ RoleFetchIssues map[string]*PathFetch

+ RoleListFetchIssue *PathFetch

+ UnsupportedVersion bool

+ func (h *RoleNoStoreFalse) DefaultConfig() map[string]interface{}

+ func (h *RoleNoStoreFalse) Evaluate(e *Executor) (results []*Result, err error)

+ func (h *RoleNoStoreFalse) FetchResources(e *Executor) error

+ func (h *RoleNoStoreFalse) IsEnabled() bool

+ func (h *RoleNoStoreFalse) LoadConfig(config map[string]interface{}) error

+ func (h *RoleNoStoreFalse) Name() string

+ type RootIssuedLeaves struct

+ CertsToFetch int

+ Enabled bool

+ FetchIssues map[string]*PathFetch

+ LeafCertMap map[string]*x509.Certificate

+ RootCertMap map[string]*x509.Certificate

+ UnsupportedVersion bool

+ func (h *RootIssuedLeaves) DefaultConfig() map[string]interface{}

+ func (h *RootIssuedLeaves) Evaluate(e *Executor) (results []*Result, err error)

+ func (h *RootIssuedLeaves) FetchResources(e *Executor) error

+ func (h *RootIssuedLeaves) IsEnabled() bool

+ func (h *RootIssuedLeaves) LoadConfig(config map[string]interface{}) error

+ func (h *RootIssuedLeaves) Name() string

+ type TidyLastRun struct

+ Enabled bool

+ LastRunCritical time.Duration

+ LastRunWarning time.Duration

+ TidyStatus *PathFetch

+ UnsupportedVersion bool

+ func (h *TidyLastRun) DefaultConfig() map[string]interface{}

+ func (h *TidyLastRun) Evaluate(e *Executor) (results []*Result, err error)

+ func (h *TidyLastRun) FetchResources(e *Executor) error

+ func (h *TidyLastRun) IsEnabled() bool

+ func (h *TidyLastRun) LoadConfig(config map[string]interface{}) error

+ func (h *TidyLastRun) Name() string

+ type TooManyCerts struct

+ CertCounts int

+ CountCritical int

+ CountWarning int

+ Enabled bool

+ FetchIssue *PathFetch

+ UnsupportedVersion bool

+ func (h *TooManyCerts) DefaultConfig() map[string]interface{}

+ func (h *TooManyCerts) Evaluate(e *Executor) (results []*Result, err error)

+ func (h *TooManyCerts) FetchResources(e *Executor) error

+ func (h *TooManyCerts) IsEnabled() bool

+ func (h *TooManyCerts) LoadConfig(config map[string]interface{}) error

+ func (h *TooManyCerts) Name() string

Feb 13, 2023 GO-2023-1986 +10 more

  GO-2023-1986: HashiCorp Vault and Vault Enterprise vulnerable to user enumeration in github.com/hashicorp/vault

  GO-2023-2088: Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability in github.com/hashicorp/vault

  GO-2023-2329: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability in github.com/hashicorp/vault

  GO-2023-2399: Denial of service via memory exhaustion in github.com/hashicorp/vault

  GO-2024-2617: Authentication bypass in github.com/hashicorp/vault

  GO-2024-2690: HashiCorpVault does not correctly validate OCSP responses in github.com/hashicorp/vault

  GO-2024-2921: HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims in github.com/hashicorp/vault

  GO-2024-2982: Hashicorp Vault vulnerable to Improper Check or Handling of Exceptional Conditions in github.com/hashicorp/vault

  GO-2024-3162: Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default in github.com/hashicorp/vault

  GO-2024-3191: Vault Community Edition privilege escalation vulnerability in github.com/hashicorp/vault

  GO-2024-3246: Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault