Vulnerabilities > Hashicorp > Vault > 1.15.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-10 | CVE-2024-9180 | Unspecified vulnerability in Hashicorp Vault A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s privileges to Vault’s root policy. | 7.2 |
| 2024-02-01 | CVE-2024-0831 | Information Exposure Through Log Files vulnerability in Hashicorp Vault Vault and Vault Enterprise (“Vault”) may expose sensitive information when enabling an audit device which specifies the `log_raw` option, which may log sensitive information to other audit devices, regardless of whether they are configured to use `log_raw`. | 6.5 |