Security updates for all HashiCorp products and services. Posting to this category is restricted to HashiCorp employees only.
Reporting Security Vulnerabilities
We deeply appreciate any effort to discover and coordinate the disclosure of security vulnerabilities.
For information about security at HashiCorp and the reporting of security vulnerabilities, please see Security at HashiCorp.
Security Update Publication
Security updates regarding HashiCorp products and services will be published here, particularly where a vulnerability has been identified and addressed.
Vulnerabilities will also be assigned a CVE where applicable, and will be accessible via MITRE’s search interface and other CVE feeds/tools.
Subscribing to Security Updates
To receive email notifications for all HashiCorp security updates, please sign in to https://discuss.hashicorp.com and enable “watching” for this topic (Security - HashiCorp Discuss).
To subscribe to an RSS feed for all HashiCorp security updates, point your reader or integration of choice at the RSS URL for this topic (Security - HashiCorp Discuss).
Subscribing for Specific Products
Tags are used to categorize security updates according to the related HashiCorp product/s.
For example, to receive email notifications regarding only Vault-related security updates, please sign in to https://discuss.hashicorp.com and enable “watching” for the security-vault tag (Topics tagged security-vault).
To subscribe to an RSS feed regarding only Vault-related security updates, point your reader or integration of choice at the RSS URL for the security-vault tag (HashiCorp Discuss - Topics tagged security-vault).
The same email/RSS capabilities can be use for other product-specific security- tags.