|
HCSEC-2025-33 - Vault Terraform Provider Applied Incorrect Defaults for LDAP Auth Method
|
|
0
|
1266
|
November 21, 2025
|
|
HCSEC-2025-34 - Terraform Enterprise state versions can be created by users without sufficient write access
|
|
0
|
496
|
November 21, 2025
|
|
HCSEC-2025-05 - Terraform Enterprise’s Single Sign-On and Ruby SAML’s CVE-2025-25291 and CVE-2025-25292
|
|
0
|
731
|
March 13, 2025
|
|
HCSEC-2024-19 - Terraform Enterprise’s Single Sign-On And Ruby SAML’s CVE-2024-45409
|
|
1
|
1292
|
October 21, 2024
|
|
HCSEC-2024-04 - Terraform Registry Module Supply Chain Security Improvements
|
|
0
|
5112
|
February 15, 2024
|
|
HCSEC-2023-27 - Terraform Allows Arbitrary File Write During Init Operation
|
|
0
|
9561
|
September 8, 2023
|
|
HCSEC-2023-26 - Terraform’s Handling Of Duplicate Map Keys In Configurations May Have Security Implications
|
|
0
|
7411
|
August 24, 2023
|
|
HCSEC-2023-19 - Terraform Enterprise, Docker Engine, and Go’s CVE-2023-24540
|
|
1
|
7113
|
June 28, 2023
|
|
HCSEC-2023-18 - Terraform Enterprise Agent Pool Controls Allowed Unauthorized Workspaces to Target an Agent Pool
|
|
0
|
6186
|
June 22, 2023
|
|
HCSEC-2022-06 - Terraform Enterprise May Capture Sensitive Data In Logs
|
|
0
|
7719
|
February 24, 2022
|
|
HCSEC-2021-25 - Terraform Enterprise Configuration Versions API Discloses Sensitive URL
|
|
0
|
7359
|
September 14, 2021
|
|
HCSEC-2021-18 - Terraform Enterprise Allowed Privilege Escalation Via Run Token
|
|
0
|
7482
|
July 20, 2021
|
|
HCSEC-2021-12 - Codecov Security Event and HashiCorp GPG Key Exposure
|
|
2
|
67118
|
May 4, 2021
|
|
HCSEC-2021-11 - Terraform’s Vault Provider Did Not Correctly Configure Bound Labels for GCP Auth
|
|
0
|
8195
|
April 21, 2021
|
|
HCSEC-2021-06 - Terraform Enterprise Organization-Level MFA Requirement Was Not Enforced
|
|
0
|
7521
|
March 23, 2021
|
|
HCSEC-2020-15 - Terraform Enterprise Allowed Local Account Creation Bypassing SSO
|
|
0
|
5017
|
November 25, 2020
|