Количество 6
Количество 6
CVE-2024-8185
Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vault to consume excessive system memory resources, potentially leading to a crash of the underlying system and the Vault process itself. This vulnerability, CVE-2024-8185, is fixed in Vault Community 1.18.1 and Vault Enterprise 1.18.1, 1.17.8, and 1.16.12.
CVE-2024-8185
Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vault to consume excessive system memory resources, potentially leading to a crash of the underlying system and the Vault process itself. This vulnerability, CVE-2024-8185, is fixed in Vault Community 1.18.1 and Vault Enterprise 1.18.1, 1.17.8, and 1.16.12.
GHSA-g233-2p4r-3q7v
Hashicorp Vault vulnerable to denial of service through memory exhaustion
BDU:2024-09085
Уязвимость алгоритма распределения данных Raft Consensus Algorithm хранилища Integrated storage (Raft) платформ для архивирования корпоративной информации HashiCorp Vault и Vault Enterprise, позволяющая нарушителю вызвать отказ в обслуживании
ROS-20241112-08
Уязвимость vault
SUSE-SU-2024:3950-1
Security update for govulncheck-vulndb
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-8185 Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vault to consume excessive system memory resources, potentially leading to a crash of the underlying system and the Vault process itself. This vulnerability, CVE-2024-8185, is fixed in Vault Community 1.18.1 and Vault Enterprise 1.18.1, 1.17.8, and 1.16.12. | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | CVE-2024-8185 Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vault to consume excessive system memory resources, potentially leading to a crash of the underlying system and the Vault process itself. This vulnerability, CVE-2024-8185, is fixed in Vault Community 1.18.1 and Vault Enterprise 1.18.1, 1.17.8, and 1.16.12. | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
| GHSA-g233-2p4r-3q7v Hashicorp Vault vulnerable to denial of service through memory exhaustion | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | BDU:2024-09085 Уязвимость алгоритма распределения данных Raft Consensus Algorithm хранилища Integrated storage (Raft) платформ для архивирования корпоративной информации HashiCorp Vault и Vault Enterprise, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | ROS-20241112-08 Уязвимость vault | CVSS3: 7.5 | 1% Низкий | около 1 года назад |
 | SUSE-SU-2024:3950-1 Security update for govulncheck-vulndb | около 1 года назад |
Уязвимостей на страницу