CVE-2020-10660

HashiCorp Vault and Vault Enterprise versions 0.9.0 through 1.3.3 may, under certain circumstances, have an Entity's Group membership inadvertently include Groups the Entity no longer has permissions to. Fixed in 1.3.4. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt