pkg:Bitnami/consul
共 33 筆 CVEHIGH17MEDIUM16
✅ 檢查你的版本
所有已知漏洞
- HIGH8.8CVE-2021-41805HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has Incorrect Access Control.>= 1.7.0, < 1.8.17, >= 1.9.0, < 1.9.11, >= 1.10.0, < 1.10.4
- from 0, < 1.8.15, >= 1.9.0, < 1.9.9, >= 1.10.0, < 1.10.2
- HIGH8.7CVE-2023-2816Hashicorp Consul allows user with service:write permissions to patch remote proxy instances in github.com/hashicorp/consul>= 1.15.0, < 1.15.3
- from 0, < 1.8.15, >= 1.9.0, < 1.9.9, >= 1.10.0, < 1.10.2
- HIGH8.3CVE-2024-10006Hashicorp Consul Improper Neutralization of HTTP Headers for Scripting Syntax vulnerability>= 1.9.0, < 1.20.1
- >= 1.9.0, < 1.20.1
- from 0, < 0.9.4, >= 1.0.0, < 1.0.8, >= 1.1.0, < 1.1.1, >= 1.2.0, < 1.2.4
- HIGH7.5CVE-2021-28156HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events.>= 1.8.0, < 1.8.10, >= 1.9.0, < 1.9.5
- >= 1.7.0, <= 1.8.4
- >= 1.13.0, < 1.13.4
- HIGH7.5CVE-2022-29153Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector in github.com/hashicorp/consulfrom 0, < 1.9.17, >= 1.10.0, < 1.10.10, >= 1.11.0, < 1.11.5
- >= 1.9.0, < 1.9.8, >= 1.10.0, < 1.10.1
- HIGH7.5CVE-2021-32574Hashicorp Consul Missing SSL Certificate Validation in github.com/hashicorp/consul>= 1.3.0, < 1.8.14, >= 1.9.0, < 1.9.8, >= 1.10.0, < 1.10.1
- HIGH7.5CVE-2020-13250Allocation of Resources Without Limits or Throttling in Hashicorp Consul in github.com/hashicorp/consul>= 1.2.0, < 1.6.6, >= 1.7.0, < 1.7.4
- from 0, < 1.6.2
- HIGH7.4CVE-2023-3518Consul JWT Auth in L7 Intentions Allow for Mismatched Service Identity and JWT Providers in github.com/hashicorp/consul>= 1.16.0, < 1.16.1
- HIGH7.1CVE-2021-41803Improper handling of node names in JWT claims assertions in github.com/hashicorp/consul>= 1.8.1, < 1.11.9, >= 1.12.4, < 1.12.5, >= 1.13.1, < 1.13.2
- MEDIUM6.8CVE-2026-2808Consul is vulnerable to arbitrary file read when configured with Kubernetes authenticationfrom 0, < 1.22.5
- MEDIUM6.5CVE-2025-11374Consul key/value endpoint is vulnerable to denial of service in github.com/hashicorp/consulfrom 0, < 1.22.0
- MEDIUM6.5CVE-2025-11375Consul event endpoint is vulnerable to denial of service in github.com/hashicorp/consulfrom 0, < 1.22.0
- >= 1.2.0, < 1.6.10, >= 1.7.0, < 1.7.10, >= 1.8.0, < 1.8.6
- MEDIUM6.5CVE-2023-0845Consul Server Panic when Ingress and API Gateways Configured with Peering Connections in github.com/hashicorp/consulfrom 0, < 1.14.5
- from 0, < 1.11.9, >= 1.12.0, < 1.12.5, >= 1.13.0, < 1.13.2
- MEDIUM6.5CVE-2022-24687HashiCorp Consul Ingress Gateway Panic Can Shutdown Servers in github.com/hashicorp/consul>= 1.8.0, < 1.9.15, >= 1.10.0, < 1.10.8, >= 1.11.0, < 1.11.3
- MEDIUM6.5CVE-2021-38698HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. in github.com/hashicorp/consulfrom 0, < 1.8.15, >= 1.9.0, < 1.9.9, >= 1.10.0, < 1.10.2
- MEDIUM6.1CVE-2024-10086Hashicorp Consul Cross-site Scripting vulnerability in github.com/hashicorp/consul>= 1.4.1, < 1.20.0
- from 0, < 1.7.14, >= 1.8.0, < 1.8.10, >= 1.9.0, < 1.9.5
- >= 1.6.0, < 1.6.6, >= 1.7.0, < 1.7.4
- >= 1.4.1, < 1.6.2
- MEDIUM5.3CVE-2020-12797Incorrect Permission Assignment for Critical Resource in Hashicorp Consul in github.com/hashicorp/consul>= 1.4.0, < 1.6.7, >= 1.7.0, < 1.7.4
- >= 1.4.0, < 1.6.6, >= 1.7.0, < 1.7.4
- MEDIUM4.9CVE-2023-1297Hashicorp Consul vulnerable to denial of service in github.com/hashicorp/consul>= 1.13.0, < 1.14.7, >= 1.15.0, < 1.15.3
- MEDIUM4.7CVE-2026-5061Consul-template vulnerable to sandbox path bypass in file helper via a symlink attack>= 0.1.0, < 0.42.0