CVE-2024-8185

Description

Hashicorp Vault vulnerable to denial of service through memory exhaustion in github.com/hashicorp/vault

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://nvd.nist.gov/vuln/detail/CVE-2024-8185
• https://github.com/hashicorp/vault/commit/195dfca433028887973f5bd82d173d91fe9dab4a
• https://discuss.hashicorp.com/t/hcsec-2024-26-vault-vulnerable-to-denial-of-service-through-memory-exhaustion-when-processing-raft-cluster-join-requests/71047
• https://github.com/hashicorp/vault
• https://openbao.org/docs/release-notes/2-0-0/#203
• https://github.com/advisories/GHSA-g233-2p4r-3q7v
• https://www.suse.com/security/cve/CVE-2024-8185.html

💬 Discuss CVE-2024-8185 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.