Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
Incorrect Privilege Assignment in HashiCorp Vault High
CVE-2021-42135 was published for github.com/hashicorp/vault (Go) Oct 12, 2021
Hashicorp Consul allows user with service:write permissions to patch remote proxy instances High
CVE-2023-2816 was published for github.com/hashicorp/consul (Go) Jun 3, 2023
Nomad ACL Policies without Label are Applied to Unexpected Resources Moderate
CVE-2023-3072 was published for github.com/hashicorp/nomad (Go) Jul 20, 2023
anonymous4ACL24
Nomad Search API Leaks Information About CSI Plugins Moderate
CVE-2023-3300 was published for github.com/hashicorp/nomad (Go) Jul 20, 2023
anonymous4ACL24
Consul JWT Auth in L7 Intentions Allow for Mismatched Service Identity and JWT Providers High
CVE-2023-3518 was published for github.com/hashicorp/consul (Go) Aug 9, 2023
anonymous4ACL24
Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability High
CVE-2023-5077 was published for github.com/hashicorp/vault (Go) Sep 29, 2023
Kubelet Incorrect Privilege Assignment Moderate
CVE-2019-11245 was published for k8s.io/kubernetes/cmd/kubelet (Go) Apr 24, 2024
Grafana plugin data sources vulnerable to access control bypass Moderate
CVE-2024-6322 was published for github.com/grafana/grafana (Go) Aug 20, 2024
Hwameistor Potential Permission Leakage of Cluster Level Moderate
CVE-2024-45054 was published for github.com/hwameistor/hwameistor (Go) Aug 29, 2024
younaman
Vault Community Edition privilege escalation vulnerability High
CVE-2024-9180 was published for github.com/hashicorp/vault (Go) Oct 10, 2024
ProTip! Advisories are also available from the GraphQL API