Filters
Versions
HashiCorp ConsulConsul L7 Intentions Vulnerable To Headers Bypass
8.3
First published (updated )
HashiCorp ConsulConsul L7 Intentions Vulnerable To URL Path Bypass
8.1
First published (updated )
HashiCorp ConsulDependency on Vulnerable Third-Party Component in GitLab
8.1
First published (updated )
HashiCorp ConsulJWT Auth in L7 Intentions Allow For Mismatched Service Identity and JWT Providers for Access
7.4
First published (updated )
HashiCorp ConsulConsul Cluster Peering can Result in Denial of Service
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
HashiCorp ConsulConsul Envoy Extension Downsteam Proxy Configuration By Upstream Service Owner
8.7
First published (updated )
HashiCorp ConsulConsul Peering Imported Nodes/Services Leak
7.5
First published (updated )
HashiCorp ConsulHashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 did not properly validate the node or segmen…
7.1
First published (updated )
HashiCorp ConsulHashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has Incorre…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid c…
8.8
First published (updated )
HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 app…
7.5
First published (updated )
HashiCorp ConsulHashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not v…
7.5
First published (updated )
HashiCorp ConsulHashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically craf…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/hashicorp/consulHashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can…
7.5
First published (updated )
HashiCorp ConsulHashiCorp Consul and Consul Enterprise could crash when configured with an abnormally-formed service…
7.5
First published (updated )
HashiCorp ConsulHashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced…
7.5
First published (updated )
HashiCorp ConsulHashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usag…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
HashiCorp ConsulHashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Keys not matching a specific ACL …
7.5
First published (updated )
HashiCorp ConsulHashiCorp Consul 1.4.3 lacks server hostname verification for agent-to-agent TLS communication. In o…
7.4
First published (updated )
HashiCorp ConsulHashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a client to bypass intended acces…
8.1
First published (updated )