AVG-1369 log
| Package | vault |
| Status | Not affected |
| Severity | Medium |
| Type | privilege escalation |
| Affected | 1.5.4-1 |
| Fixed | Not affected |
| Current | 1.21.0-1 [extra] |
| Ticket | None |
| Created | Thu Dec 17 14:51:48 2020 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-35453 | Medium | No | Privilege escalation | HashiCorp Vault Enterprise's Sentinel EGP policy feature incorrectly allowed requests to be processed in parent and sibling namespaces. Fixed in 1.5.6 and 1.6.1. |