Headline
CVE-2020-25864: HCSEC-2021-07 - Consul API KV Endpoint Vulnerable to Cross-Site Scripting
The key-value (KV) raw mode in HashiCorp Consul and Consul Enterprise up to version 1.9.4 was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.
Related news
Gentoo Linux Security Advisory 202208-09
Gentoo Linux Security Advisory 202208-9 - Multiple vulnerabilities have been discovered in HashiCorp Consul, the worst of which could result in denial of service. Versions less than 1.9.17 are affected.
CVE-2020-25201: consul/CHANGELOG.md at main · hashicorp/consul
HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5.