|
HCSEC-2025-33 - Vault Terraform Provider Applied Incorrect Defaults for LDAP Auth Method
|
|
0
|
459
|
November 21, 2025
|
|
HCSEC-2025-34 - Terraform Enterprise state versions can be created by users without sufficient write access
|
|
0
|
196
|
November 21, 2025
|
|
HCSEC-2025-05 - Terraform Enterprise’s Single Sign-On and Ruby SAML’s CVE-2025-25291 and CVE-2025-25292
|
|
0
|
589
|
March 13, 2025
|
|
HCSEC-2024-19 - Terraform Enterprise’s Single Sign-On And Ruby SAML’s CVE-2024-45409
|
|
1
|
1267
|
October 21, 2024
|
|
HCSEC-2024-04 - Terraform Registry Module Supply Chain Security Improvements
|
|
0
|
5074
|
February 15, 2024
|
|
HCSEC-2023-27 - Terraform Allows Arbitrary File Write During Init Operation
|
|
0
|
9491
|
September 8, 2023
|
|
HCSEC-2023-26 - Terraform’s Handling Of Duplicate Map Keys In Configurations May Have Security Implications
|
|
0
|
7389
|
August 24, 2023
|
|
HCSEC-2023-19 - Terraform Enterprise, Docker Engine, and Go’s CVE-2023-24540
|
|
1
|
7099
|
June 28, 2023
|
|
HCSEC-2023-18 - Terraform Enterprise Agent Pool Controls Allowed Unauthorized Workspaces to Target an Agent Pool
|
|
0
|
6172
|
June 22, 2023
|
|
HCSEC-2022-06 - Terraform Enterprise May Capture Sensitive Data In Logs
|
|
0
|
7701
|
February 24, 2022
|
|
HCSEC-2021-25 - Terraform Enterprise Configuration Versions API Discloses Sensitive URL
|
|
0
|
7353
|
September 14, 2021
|
|
HCSEC-2021-18 - Terraform Enterprise Allowed Privilege Escalation Via Run Token
|
|
0
|
7451
|
July 20, 2021
|
|
HCSEC-2021-12 - Codecov Security Event and HashiCorp GPG Key Exposure
|
|
2
|
67034
|
May 4, 2021
|
|
HCSEC-2021-11 - Terraform’s Vault Provider Did Not Correctly Configure Bound Labels for GCP Auth
|
|
0
|
8181
|
April 21, 2021
|
|
HCSEC-2021-06 - Terraform Enterprise Organization-Level MFA Requirement Was Not Enforced
|
|
0
|
7517
|
March 23, 2021
|
|
HCSEC-2020-15 - Terraform Enterprise Allowed Local Account Creation Bypassing SSO
|
|
0
|
5007
|
November 25, 2020
|