Multiple vulnerabilities in HashiCorp Vault Community and Enterprise Editions including KVv2 metadata and secret deletion policy bypass leading to denial-of-service, and server-side request forgery in ACME challenge validation via attacker-controlled DNS.
| Vendor | Product | Versions |
|---|---|---|
| hashi | vault community edition and vault enterprise edition | multiple versions |
