Vulnerabilities > Hashicorp > Vault > 1.15.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-01 | CVE-2024-0831 | Information Exposure Through Log Files vulnerability in Hashicorp Vault 1.15.0/1.15.2 Vault and Vault Enterprise (“Vault”) may expose sensitive information when enabling an audit device which specifies the `log_raw` option, which may log sensitive information to other audit devices, regardless of whether they are configured to use `log_raw`. | 6.5 |
| 2023-12-08 | CVE-2023-6337 | Allocation of Resources Without Limits or Throttling vulnerability in Hashicorp Vault HashiCorp Vault and Vault Enterprise 1.12.0 and newer are vulnerable to a denial of service through memory exhaustion of the host when handling large unauthenticated and authenticated HTTP requests from a client. | 7.5 |
| 2023-11-09 | CVE-2023-5954 | Memory Leak vulnerability in Hashicorp Vault HashiCorp Vault and Vault Enterprise inbound client requests triggering a policy check can lead to an unbounded consumption of memory. | 7.5 |