DirectorySecurity Advisories
Sign In
Security Advisories

CGA-4h8p-fh8p-p339

Published

Last updated

https://images.chainguard.dev/security/CGA-4h8p-fh8p-p339
Package

k3d

Latest Update
Fixed
Fixed Version

5.6.0-r11

Aliases
  • CVE-2021-38554
  • GHSA-6239-28c2-9mrm

Severity

5.3

Medium

CVSS V3

Summary

Improper Removal of Sensitive Information Before Storage or Transfer in HashiCorp Vault

Description

HashiCorp Vault and Vault Enterprise’s UI erroneously cached and exposed user-viewed secrets between sessions in a single shared browser. Fixed in 1.8.0 and pending 1.7.4 / 1.6.6 releases.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images