Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Vault Requests Triggering Policy Checks May Lead To Unbounded Memory Consumption
Vulnerability Description
HashiCorp Vault and Vault Enterprise inbound client requests triggering a policy check can lead to an unbounded consumption of memory. A large number of these requests may lead to denial-of-service. Fixed in Vault 1.15.2, 1.14.6, and 1.13.10.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
在移除最后引用时对内存的释放不恰当(内存泄露)
Vulnerability Title
HashiCorp Vault 安全漏洞
Vulnerability Description
HashiCorp Vault是美国HashiCorp公司的一款私钥访问管理工具。 HashiCorp Vault 、Vault Enterprise 1.15.2、1.14.6 和 1.13.10版本存在安全漏洞,该漏洞源于客户端入站请求触发策略检查可能会导致无限的内存消耗,导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A