Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-vgh3-mwxq-rcp8

GitHub Security Advisory

Hashicorp Vault may expose sensitive log information

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

Vault and Vault Enterprise (“Vault”) may expose sensitive information when enabling an audit device which specifies the `log_raw` option, which may log sensitive information to other audit devices, regardless of whether they are configured to use `log_raw`

Affected Packages

Go github.com/hashicorp/vault
Affected versions: 1.15.0 (fixed in 1.15.5)

Related CVEs

CVE-2024-0831

Key Information

GHSA ID
GHSA-vgh3-mwxq-rcp8
Published
February 1, 2024 3:30 AM
Last Modified
February 23, 2024 7:48 PM
CVSS Score
5.0 /10
Primary Ecosystem
Go
Primary Package
github.com/hashicorp/vault
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 6, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.