CVE-2021-29653

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-29653

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-29653.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-29653

Aliases

BIT-vault-2021-29653

Published

2021-04-22T17:15:07.753Z

Modified

2026-02-11T14:31:29.509036Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

HashiCorp Vault and Vault Enterprise 1.5.1 and newer, under certain circumstances, may exclude revoked but unexpired certificates from the CRL. Fixed in 1.5.8, 1.6.4, and 1.7.1.

References

https://discuss.hashicorp.com/t/hcsec-2021-09-vault-s-pki-engine-crl-may-exclude-revoked-but-unexpired-certificates-after-tidy/23461/2

Affected packages

Git / github.com/hashicorp/vault

Affected ranges

Type: GIT
Repo: https://github.com/hashicorp/vault
Events: Introduced

4e222b85c40a810b74400ee3c54449479e32bb9f

Fixed

917142287996a005cb1ed9d96d00d06a0590e44e

Introduced

7ce0bd9691998e0443bc77e98b1e2a4ab1e965d4

Fixed

a10df31ee51d18d8dc4a3eda8b6ffd9097b21ba5

Introduced

acf61cc20e35dfa8d890ff778ecf26194642f85c

Fixed

2df19e576b337ba7fd6fc03ccde67d3324eef310

Affected versions

api/v1.*

api/v1.1.0

sdk/v0.*

sdk/v0.2.0

v1.*

v1.5.1

v1.5.2

v1.5.3

v1.5.4

v1.5.5

v1.5.6

v1.5.7

v1.6.0

v1.6.1

v1.6.2

v1.6.3

v1.7.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-29653.json"