HashiCorp Vault and Vault Enterprise inbound client requests triggering a policy check can lead to an unbounded consumption of memory. A large number of these requests may lead to denial-of-service. Fixed in Vault 1.15.2, 1.14.6, and 1.13.10.
Metrics
Affected Vendors & Products
References
History
Wed, 02 Oct 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat openshift
|
|
CPEs | cpe:/a:redhat:openshift:4.17::el9 | |
Vendors & Products |
Redhat openshift
|
MITRE
Status: PUBLISHED
Assigner: HashiCorp
Published: 2023-11-09T20:13:49.346Z
Updated: 2024-08-02T08:14:25.126Z
Reserved: 2023-11-03T16:18:00.469Z
Link: CVE-2023-5954
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-11-09T21:15:25.143
Modified: 2024-11-21T08:42:51.270
Link: CVE-2023-5954
Redhat