Vulnerabilities > Hashicorp > Vault > 1.2.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-23 | CVE-2020-10660 | Incorrect Default Permissions vulnerability in Hashicorp Vault HashiCorp Vault and Vault Enterprise versions 0.9.0 through 1.3.3 may, under certain circumstances, have an Entity's Group membership inadvertently include Groups the Entity no longer has permissions to. | 4.3 |
| 2020-01-23 | CVE-2020-7220 | Information Exposure vulnerability in Hashicorp Vault HashiCorp Vault Enterprise 0.11.0 through 1.3.1 fails, in certain circumstances, to revoke dynamic secrets for a mount in a deleted namespace. | 4.3 |