vault-csi-provider vulnerabilities

Known vulnerabilities in the vault-csi-provider package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L CVE-2025-22866	<1.5.0-r6
L GHSA-3whm-j4xm-rv8x	<1.5.0-r6
L CVE-2024-45341	<1.5.0-r5
L GHSA-3f6r-qh9c-x6mm	<1.5.0-r5
L GHSA-7wrw-r4p8-38rx	<1.5.0-r5
L CVE-2024-45336	<1.5.0-r5
L GHSA-w32m-9786-jp63	<1.5.0-r4
L CVE-2024-45338	<1.5.0-r4
L GHSA-v778-237x-gjrc	<1.5.0-r3
L CVE-2024-45337	<1.5.0-r3
L CVE-2024-34155	<1.4.0-r17
L CVE-2024-34156	<1.4.0-r17
L GHSA-crqm-pwhx-j97f	<1.4.0-r17
L GHSA-8xfx-rj4p-23jm	<1.4.0-r17
L GHSA-j7vj-rw65-4v26	<1.4.0-r17
L CVE-2024-34158	<1.4.0-r17
L CVE-2024-24791	<1.4.0-r16
L GHSA-hw49-2p59-3mhj	<1.4.0-r16
L GHSA-v6v8-xj6m-xwqh	<1.4.0-r15
M Information Exposure Through Log Files	<1.4.0-r15
L GHSA-236w-p7wf-5ph8	<1.4.0-r14
C CVE-2024-24790	<1.4.0-r14
M CVE-2024-24789	<1.4.0-r14
L GHSA-49gw-vxvf-fc2g	<1.4.0-r14
L GHSA-4v7x-pqxf-cx7m	<1.4.0-r14
L CVE-2023-45288	<1.4.0-r14
L GHSA-8r3f-844c-mc37	<1.4.0-r11
L CVE-2024-24786	<1.4.0-r11
L GHSA-3q2c-pvp5-3cqp	<1.4.0-r10
L CVE-2023-45290	<1.4.0-r10
L GHSA-fgq5-q76c-gx78	<1.4.0-r10
L CVE-2024-24783	<1.4.0-r10
L CVE-2024-24784	<1.4.0-r10
L CVE-2024-24785	<1.4.0-r10
L GHSA-rr6r-cfgf-gc6h	<1.4.0-r10
L GHSA-32ch-6x54-q4h9	<1.4.0-r10
L CVE-2023-45289	<1.4.0-r10
L GHSA-j6m3-gc37-6r6q	<1.4.0-r10
L GHSA-g82w-58jf-gcxx	<1.4.0-r9
L GHSA-2wrh-6pvc-2jm9	<1.4.0-r9
L GHSA-4374-p667-p6c8	<1.4.0-r9
M Improper Validation of Integrity Check Value	<1.4.0-r9
L GHSA-qppj-fm5r-hxr3	<1.4.0-r9
L GHSA-45x7-px36-x8w8	<1.4.0-r9
M Information Exposure Through Log Files	<1.4.0-r9
M Cross-site Scripting (XSS)	<1.4.0-r9
H Allocation of Resources Without Limits or Throttling	<1.4.0-r9
H CVE-2023-44487	<1.4.0-r9
L GHSA-m425-mq94-257g	<1.4.0-r9

Vulnerability

Vulnerable Version

<1.5.0-r6

<1.5.0-r6

<1.5.0-r5

<1.5.0-r5

<1.5.0-r5