CWE-156
4 CVEs classified under CWE-156. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-55001 | Medium | 6.5 | 2025-08-09 | OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and… |
CVE-2025-55000 | Medium | 6.5 | 2025-08-09 | OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 thro… |
CVE-2025-6013 | Medium | 6.5 | 2025-08-06 | Vault and Vault Enterprise’s (“Vault”) ldap auth method may not have correctly enforced MFA if username_as_alias was set to true and a user had multiple CNs th… |
CVE-2025-6014 | Medium | 6.5 | 2025-08-01 | Vault and Vault Enterprise’s (“Vault”) TOTP Secrets Engine code validation endpoint is susceptible to code reuse within its validity period. Fixed in Vault Com… |