VulnerableCode Package Details - pkg:alpm/archlinux/vault@1.5.4-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/vault@1.5.4-1

Essentials
History (2)

purl	pkg:alpm/archlinux/vault@1.5.4-1

Next non-vulnerable version	1.5.7-1
Latest non-vulnerable version	1.9.0-1
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-23vu-yqq2-afa5 Aliases: CVE-2020-35453	vault: Sentinel EGP policy feature incorrectly allowed requests to be processed	There are no reported fixed by versions.
VCID-99xt-7k12-nfgc Aliases: CVE-2021-3282 GHSA-rq95-xf66-j689	Improper Authentication in HashiCorp Vault HashiCorp Vault Enterprise 1.6.0 & 1.6.1 allowed the `remove-peer` raft operator command to be executed against DR secondaries without authentication. Fixed in 1.6.2.	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:26:58.228311+00:00	Arch Linux Importer	Affected by	VCID-23vu-yqq2-afa5	https://security.archlinux.org/AVG-1369	38.0.0
2026-04-01T18:26:55.869348+00:00	Arch Linux Importer	Affected by	VCID-99xt-7k12-nfgc	https://security.archlinux.org/AVG-1519	38.0.0