Vulnerabilities > Hashicorp > Vault > 1.5.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-17 | CVE-2020-35453 | Improper Input Validation vulnerability in Hashicorp Vault HashiCorp Vault Enterprise’s Sentinel EGP policy feature incorrectly allowed requests to be processed in parent and sibling namespaces. | 5.0 |
| 2020-12-17 | CVE-2020-35177 | Information Exposure vulnerability in Hashicorp Vault HashiCorp Vault and Vault Enterprise 1.4.1 and newer allowed the enumeration of users via the LDAP auth method. | 5.0 |
| 2020-09-30 | CVE-2020-25816 | Unspecified vulnerability in Hashicorp Vault HashiCorp Vault and Vault Enterprise versions 1.0 and newer allowed leases created with a batch token to outlive their TTL because expiration time was not scheduled correctly. network hashicorp | 4.9 |