Headline
CVE-2023-5954: HCSEC-2023-33 - Vault Requests Triggering Policy Checks May Lead To Unbounded Memory Consumption
HashiCorp Vault and Vault Enterprise inbound client requests triggering a policy check can lead to an unbounded consumption of memory. A large number of these requests may lead to denial-of-service. Fixed in Vault 1.15.2, 1.14.6, and 1.13.10.
Loading
Related news
GHSA-4qhc-v8r6-8vwm: HashiCorp Vault Missing Release of Memory after Effective Lifetime vulnerability
HashiCorp Vault and Vault Enterprise inbound client requests triggering a policy check can lead to an unbounded consumption of memory. A large number of these requests may lead to denial-of-service. Fixed in Vault 1.15.2, 1.14.6, and 1.13.10.