Refine your search
4 vulnerabilities found for Boundary by HashiCorp
CVE-2026-7776 (GCVE-0-2026-7776)
Vulnerability from cvelistv5
Published
2026-05-04 21:34
Modified
2026-05-05 14:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
Boundary Community Edition and Boundary Enterprise (“Boundary”) workers are vulnerable to a denial-of-service condition during node enrollment TLS handshakes. An attacker with network access to the worker authentication listener may open a connection and delay or withhold the client certificate during the TLS handshake, causing worker connection handling to block. This may prevent legitimate worker connections from being accepted or routed. This vulnerability, CVE-2026-7776, is fixed in Boundary 0.21.3, 0.20.3, 0.19.5.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| HashiCorp | Boundary |
Version: 0.9.0 ≤ |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7776",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-05T13:20:57.356797Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-05T14:14:05.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"64 bit",
"32 bit",
"x86",
"ARM",
"MacOS",
"Windows",
"Linux"
],
"product": "Boundary",
"repo": "https://github.com/hashicorp/boundary",
"vendor": "HashiCorp",
"versions": [
{
"changes": [
{
"at": "0.19.5",
"status": "unaffected"
},
{
"at": "0.20.3",
"status": "unaffected"
},
{
"at": "0.21.3",
"status": "unaffected"
}
],
"lessThan": "0.21.3",
"status": "affected",
"version": "0.9.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"64 bit",
"32 bit",
"x86",
"ARM",
"MacOS",
"Windows",
"Linux"
],
"product": "Boundary Enterprise",
"repo": "https://github.com/hashicorp/boundary",
"vendor": "HashiCorp",
"versions": [
{
"changes": [
{
"at": "0.19.5",
"status": "unaffected"
},
{
"at": "0.20.3",
"status": "unaffected"
},
{
"at": "0.21.3",
"status": "unaffected"
}
],
"lessThan": "0.21.3",
"status": "affected",
"version": "0.9.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This issue was identified by the Boundary Engineering team."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eBoundary Community Edition and Boundary Enterprise (\u201cBoundary\u201d) workers are vulnerable to a denial-of-service condition during node enrollment TLS handshakes. An attacker with network access to the worker authentication listener may open a connection and delay or withhold the client certificate during the TLS handshake, causing worker connection handling to block. This may prevent legitimate worker connections from being accepted or routed. This vulnerability, CVE-2026-7776, is fixed in Boundary 0.21.3, 0.20.3, 0.19.5.\u003c/p\u003e\u003cbr/\u003e"
}
],
"value": "Boundary Community Edition and Boundary Enterprise (\u201cBoundary\u201d) workers are vulnerable to a denial-of-service condition during node enrollment TLS handshakes. An attacker with network access to the worker authentication listener may open a connection and delay or withhold the client certificate during the TLS handshake, causing worker connection handling to block. This may prevent legitimate worker connections from being accepted or routed. This vulnerability, CVE-2026-7776, is fixed in Boundary 0.21.3, 0.20.3, 0.19.5."
}
],
"impacts": [
{
"capecId": "CAPEC-227",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-227: Sustained Client Engagement"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T21:36:18.758Z",
"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"shortName": "HashiCorp"
},
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2026-11-boundary-workers-vulnerable-to-denial-of-service-during-tls-handshake"
}
],
"source": {
"advisory": "HCSEC-2026-11",
"discovery": "INTERNAL"
},
"title": "Boundary Workers Vulnerable to Denial of Service During TLS Handshake"
}
},
"cveMetadata": {
"assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"assignerShortName": "HashiCorp",
"cveId": "CVE-2026-7776",
"datePublished": "2026-05-04T21:34:10.975Z",
"dateReserved": "2026-05-04T15:10:16.232Z",
"dateUpdated": "2026-05-05T14:14:05.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-12289 (GCVE-0-2024-12289)
Vulnerability from cvelistv5
Published
2024-12-12 22:42
Modified
2024-12-13 19:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-460 - Improper Cleanup on Thrown Exception
Summary
Boundary Community Edition and Boundary Enterprise (“Boundary”) incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary controller, which on average is measured in milliseconds during the Boundary startup process.
This vulnerability, CVE-2024-12289, is fixed in Boundary Community Edition and Boundary Enterprise 0.16.4, 0.17.3, 0.18.2.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| HashiCorp | Boundary |
Version: 0.8.0 ≤ |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12289",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-13T19:32:38.200931Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-13T19:35:10.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"64 bit",
"32 bit",
"x86",
"ARM",
"MacOS",
"Windows",
"Linux"
],
"product": "Boundary",
"repo": "https://github.com/hashicorp/boundary",
"vendor": "HashiCorp",
"versions": [
{
"changes": [
{
"at": "0.16.4",
"status": "unaffected"
},
{
"at": "0.17.3",
"status": "unaffected"
}
],
"lessThan": "0.18.2",
"status": "affected",
"version": "0.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"64 bit",
"32 bit",
"x86",
"ARM",
"MacOS",
"Windows",
"Linux"
],
"product": "Boundary Enterprise",
"repo": "https://github.com/hashicorp/boundary",
"vendor": "HashiCorp",
"versions": [
{
"changes": [
{
"at": "0.16.4",
"status": "unaffected"
},
{
"at": "0.17.3",
"status": "unaffected"
}
],
"lessThan": "0.18.2",
"status": "affected",
"version": "0.8.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eBoundary Community Edition and Boundary Enterprise (\u201cBoundary\u201d) incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary controller, which on average is measured in milliseconds during the Boundary startup process.\n\nThis vulnerability, CVE-2024-12289, is fixed in Boundary Community Edition and Boundary Enterprise 0.16.4, 0.17.3, 0.18.2.\u003c/p\u003e\u003cbr/\u003e"
}
],
"value": "Boundary Community Edition and Boundary Enterprise (\u201cBoundary\u201d) incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary controller, which on average is measured in milliseconds during the Boundary startup process.\n\nThis vulnerability, CVE-2024-12289, is fixed in Boundary Community Edition and Boundary Enterprise 0.16.4, 0.17.3, 0.18.2."
}
],
"impacts": [
{
"capecId": "CAPEC-227",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-227: Sustained Client Engagement"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-460",
"description": "CWE-460: Improper Cleanup on Thrown Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-12T22:42:01.595Z",
"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"shortName": "HashiCorp"
},
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2024-28-boundary-controller-incorrectly-handles-http-requests-on-initialization-which-may-lead-to-a-denial-of-service"
}
],
"source": {
"advisory": "HCSEC-2024-28",
"discovery": "INTERNAL"
},
"title": "Boundary Controller Incorrectly Handles HTTP Requests On Initialization Which May Lead to a Denial of Service"
}
},
"cveMetadata": {
"assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"assignerShortName": "HashiCorp",
"cveId": "CVE-2024-12289",
"datePublished": "2024-12-12T22:42:01.595Z",
"dateReserved": "2024-12-05T22:09:25.315Z",
"dateUpdated": "2024-12-13T19:35:10.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-1052 (GCVE-0-2024-1052)
Vulnerability from cvelistv5
Published
2024-02-05 20:43
Modified
2024-08-01 18:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-295 - Improper Certificate Validation
Summary
Boundary and Boundary Enterprise (“Boundary”) is vulnerable to session hijacking through TLS certificate tampering. An attacker with privileges to enumerate active or pending sessions, obtain a private key pertaining to a session, and obtain a valid trust on first use (TOFU) token may craft a TLS certificate to hijack an active session and gain access to the underlying service or application.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| HashiCorp | Boundary |
Version: 0.8.0 ≤ |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:hashicorp:boundary:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "boundary",
"vendor": "hashicorp",
"versions": [
{
"lessThan": "0.15.0",
"status": "affected",
"version": "0.8.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:hashicorp:boundary_enterprise:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "boundary_enterprise",
"vendor": "hashicorp",
"versions": [
{
"lessThan": "0.15.0",
"status": "affected",
"version": "0.8.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1052",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-28T17:48:37.020420Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T17:52:35.908Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:26:30.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2024-02-boundary-vulnerable-to-session-hijacking-through-tls-certificate-tampering/62458"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux",
"x86",
"ARM",
"64 bit",
"32 bit"
],
"product": "Boundary",
"repo": "https://github.com/hashicorp/boundary",
"vendor": "HashiCorp",
"versions": [
{
"lessThan": "0.15.0",
"status": "affected",
"version": "0.8.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux",
"x86",
"ARM",
"64 bit",
"32 bit"
],
"product": "Boundary Enterprise",
"vendor": "HashiCorp",
"versions": [
{
"lessThan": "0.15.0",
"status": "affected",
"version": "0.8.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Boundary and Boundary Enterprise (\u201cBoundary\u201d) is vulnerable to session hijacking through TLS certificate tampering. An attacker with privileges to enumerate active or pending sessions, obtain a private key pertaining to a session, and obtain a valid trust on first use (TOFU) token may craft a TLS certificate to hijack an active session and gain access to the underlying service or application."
}
],
"value": "Boundary and Boundary Enterprise (\u201cBoundary\u201d) is vulnerable to session hijacking through TLS certificate tampering. An attacker with privileges to enumerate active or pending sessions, obtain a private key pertaining to a session, and obtain a valid trust on first use (TOFU) token may craft a TLS certificate to hijack an active session and gain access to the underlying service or application."
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-05T20:43:53.939Z",
"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"shortName": "HashiCorp"
},
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2024-02-boundary-vulnerable-to-session-hijacking-through-tls-certificate-tampering/62458"
}
],
"source": {
"advisory": "HCSEC-2024-02",
"discovery": "EXTERNAL"
},
"title": "Boundary Vulnerable to Session Hijacking Through TLS Certificate Tampering"
}
},
"cveMetadata": {
"assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"assignerShortName": "HashiCorp",
"cveId": "CVE-2024-1052",
"datePublished": "2024-02-05T20:43:53.939Z",
"dateReserved": "2024-01-29T20:35:33.313Z",
"dateUpdated": "2024-08-01T18:26:30.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0690 (GCVE-0-2023-0690)
Vulnerability from cvelistv5
Published
2023-02-08 18:27
Modified
2025-03-24 20:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-312 - Cleartext Storage of Sensitive Information
Summary
HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker’s disk.
This issue is fixed in version 0.12.0.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:17:50.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0690",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-24T20:50:11.332572Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-24T20:50:18.849Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"x86",
"ARM",
"64 bit",
"Linux",
"32 bit"
],
"product": "Boundary",
"repo": "https://github.com/hashicorp/boundary",
"vendor": "HashiCorp",
"versions": [
{
"lessThanOrEqual": "0.11.2",
"status": "affected",
"version": "0.10.0",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This requires running a Boundary worker using the PKI-based authenticated method and defining a Key Management System (KMS) for worker auth storage."
}
],
"value": "This requires running a Boundary worker using the PKI-based authenticated method and defining a Key Management System (KMS) for worker auth storage."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eHashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file,\u0026nbsp;new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker\u2019s disk.\u003c/p\u003eThis issue is fixed in version 0.12.0."
}
],
"value": "HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file,\u00a0new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker\u2019s disk.\n\nThis issue is fixed in version 0.12.0."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-08T18:27:33.548Z",
"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"shortName": "HashiCorp"
},
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to Boundary 0.12.0. After upgrading, users should do one of the following to remediate the issue:\u003cbr\u003e\u003cbr\u003e\u003cul\u003e\u003cli\u003eWait for next worker authentication rotation to occur, typically within one week, at which point the new credentials should be properly encrypted.\u003c/li\u003e\u003cli\u003eDelete the worker from the system and re-authorize it, forcing the worker to generate a new set of credentials immediately, which will be encrypted.\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "Upgrade to Boundary 0.12.0. After upgrading, users should do one of the following to remediate the issue:\n\n * Wait for next worker authentication rotation to occur, typically within one week, at which point the new credentials should be properly encrypted.\n * Delete the worker from the system and re-authorize it, forcing the worker to generate a new set of credentials immediately, which will be encrypted.\n\n\n"
}
],
"source": {
"advisory": "HCSEC-2023-03",
"discovery": "INTERNAL"
},
"title": "Boundary Workers Store Rotated Credentials in Plaintext Even When a Key Management Service Configured"
}
},
"cveMetadata": {
"assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"assignerShortName": "HashiCorp",
"cveId": "CVE-2023-0690",
"datePublished": "2023-02-08T18:27:33.548Z",
"dateReserved": "2023-02-06T20:52:57.188Z",
"dateUpdated": "2025-03-24T20:50:18.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}