github.com/hashicorp/vault is vulnerable to privilege escalation. The vulnerability exists due to improper conditional check in handleAliasUpdate function in identity_store_aliases.go allowing an authenticated attacker with specific write permissions to gain elevated privileges to perform unauthorized actions.
discuss.hashicorp.com/t/hcsec-2021-27-vault-merging-multiple-entity-aliases-for-the-same-mount-may-allow-privilege-escalation/
github.com/hashicorp/vault/commit/52598d9fed704cfd73952109e33d54e624849f8e
github.com/hashicorp/vault/issues/11277
github.com/hashicorp/vault/pull/12473
security.gentoo.org/glsa/202207-01