vulnerability

Alpine Linux: CVE-2021-38554: Improper Removal of Sensitive Information Before Storage or Transfer

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
3	(AV:N/AC:M/Au:S/C:P/I:N/A:N)	Aug 13, 2021	Oct 1, 2024	Aug 25, 2025

Severity

CVSS

(AV:N/AC:M/Au:S/C:P/I:N/A:N)

Published

Aug 13, 2021

Added

Oct 1, 2024

Modified

Aug 25, 2025

Description

HashiCorp Vault and Vault Enterprise’s UI erroneously cached and exposed user-viewed secrets between sessions in a single shared browser. Fixed in 1.8.0 and pending 1.7.4 / 1.6.6 releases.

Solution

alpine-linux-upgrade-vault

References

CVE-2021-38554
https://attackerkb.com/topics/CVE-2021-38554
URL-https://security.alpinelinux.org/vuln/CVE-2021-38554
CWE-212

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today