First published: Wed Oct 30 2024(Updated: )
A vulnerability was identified in Consul and Consul Enterprise ("Consul") such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.
Credit: security@hashicorp.com security@hashicorp.com
Affected Software | Affected Version | How to fix |
---|---|---|
go/github.com/hashicorp/consul | >=1.9.0<1.20.1 | 1.20.1 |
HashiCorp Consul | >=1.4.1<1.20.1 | |
HashiCorp Consul | >=1.9.0<1.15.15 | |
HashiCorp Consul | >=1.18.0<1.18.5 | |
HashiCorp Consul | >=1.19.0<1.19.3 | |
HashiCorp Consul | =1.20.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.