CVE-2025-6203

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-6203

Severity

7.5

High

CVSS V3

Description

A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. This may lead to a timeout in Vault’s auditing subroutine, potentially resulting in the Vault server to become unresponsive. This vulnerability, CVE-2025-6203, is fixed in Vault Community Edition 1.20.3 and Vault Enterprise 1.20.3, 1.19.9, 1.18.14, and 1.16.25.

References

https://images.chainguard.dev/security/CGA-v9vg-wjx4-jpr9
https://github.com/advisories/GHSA-8f82-53h8-2p34
https://images.chainguard.dev/security/CGA-2wwc-7rxp-gcww
https://images.chainguard.dev/security/CGA-c4c9-8cjq-673v
https://images.chainguard.dev/security/CGA-5fjj-wgf6-mr3x
https://images.chainguard.dev/security/CGA-ww4g-8887-83fh
https://images.chainguard.dev/security/CGA-pwpv-7vw7-vv74
https://images.chainguard.dev/security/CGA-3c7c-2m73-mrq7
https://images.chainguard.dev/security/CGA-qprr-p4vp-cjc4
https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

The trusted source for open source

Talk to an expert

Privacy

Terms

CVE-2025-6203

Severity

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company