CVE-2019-19879
First published: Fri Feb 14 2020(Updated: )
HashiCorp Sentinel up to 0.10.1 incorrectly parsed negation in certain policy expressions. Fixed in 0.10.2.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HashiCorp Sentinel | <=0.10.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this HashiCorp Sentinel vulnerability?
The vulnerability ID is CVE-2019-19879.
What is the severity rating of CVE-2019-19879?
The severity rating of CVE-2019-19879 is high with a score of 7.5.
What is the affected software version?
HashiCorp Sentinel up to version 0.10.1 is affected.
How can I fix this vulnerability?
This vulnerability has been fixed in version 0.10.2 of HashiCorp Sentinel. Update to the latest version.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability [here](https://discuss.hashicorp.com/t/security-bulletin-sentinel-incorrectly-parses-negation-in-certain-policy-expressions/5955).
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/hashicorp
- canonical/hashicorp sentinel
- version/hashicorp sentinel/0.10.1