CVE-2025-12044

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-12044

Severity

7.5

High

CVSS V3

Description

Vault and Vault Enterprise (“Vault”) are vulnerable to an unauthenticated denial of service when processing JSON payloads. This occurs due to a regression from a previous fix for [+HCSEC-2025-24+|https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393] which allowed for processing JSON payloads before applying rate limits. This vulnerability, CVE-2025-12044, is fixed in Vault Community Edition 1.21.0 and Vault Enterprise 1.16.27, 1.19.11, 1.20.5, and 1.21.0.

References

https://images.chainguard.dev/security/CGA-x673-25w3-m5hh
https://github.com/advisories/GHSA-vp5w-xcfc-73wf
https://images.chainguard.dev/security/CGA-w6f9-f6pm-89pw
https://images.chainguard.dev/security/CGA-8wrq-75rq-xc9r
https://images.chainguard.dev/security/CGA-h5hh-wc66-5683
https://images.chainguard.dev/security/CGA-6jcq-h9mp-94jj
https://images.chainguard.dev/security/CGA-hxwr-f5mf-69xq
https://images.chainguard.dev/security/CGA-8r98-q46q-crmp
https://images.chainguard.dev/security/CGA-pj48-v349-4v9j
https://images.chainguard.dev/security/CGA-847r-2v6v-qpvq
https://discuss.hashicorp.com/t/hcsec-2025-31-vault-vulnerable-to-denial-of-service-due-to-rate-limit-regression/76710

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

The trusted source for open source

Talk to an expert

Privacy

Terms

CVE-2025-12044

Severity

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company