pkg:Go/github.com/hashicorp/consul

所有已知漏洞

• HIGH8.8CVE-2021-37219HashiCorp Consul Privilege Escalation Vulnerability
  >= 1.10.1, < 1.10.2
• HIGH8.8CVE-2021-37219HashiCorp Consul Privilege Escalation Vulnerability
  from 0, < 1.8.15, >= 1.9.0, < 1.9.9, >= 1.10.1, < 1.10.2
• HIGH8.7CVE-2023-2816Hashicorp Consul allows user with service:write permissions to patch remote proxy instances in github.com/hashicorp/consul
  >= 1.15.0, < 1.15.3
• HIGH8.7CVE-2023-2816Hashicorp Consul allows user with service:write permissions to patch remote proxy instances in github.com/hashicorp/consul
  >= 1.15.0, < 1.15.3
• HIGH8.3CVE-2024-10006Hashicorp Consul Improper Neutralization of HTTP Headers for Scripting Syntax vulnerability
  >= 1.9.0, < 1.20.1
• HIGH8.3CVE-2024-10006Hashicorp Consul Improper Neutralization of HTTP Headers for Scripting Syntax vulnerability
  >= 1.9.0, < 1.20.1
• HIGH8.1CVE-2024-10005Hashicorp Consul Path Traversal vulnerability
  >= 1.9.0, < 1.20.1
• HIGH8.1CVE-2024-10005Hashicorp Consul Path Traversal vulnerability
  >= 1.9.0, < 1.20.1
• HIGH8.1CVE-2019-8336HashiCorp Consul Access Restriction Bypass in github.com/hashicorp/consul
  >= 1.4.0, < 1.4.3
• HIGH8.1CVE-2019-8336HashiCorp Consul Access Restriction Bypass in github.com/hashicorp/consul
  >= 1.4.0, < 1.4.3
• HIGH7.5CVE-2020-25201Denial of service in HashiCorp Consul in github.com/hashicorp/consul
  >= 1.7.0, < 1.7.9, >= 1.8.0, < 1.8.5
• HIGH7.5CVE-2020-25201Denial of service in HashiCorp Consul in github.com/hashicorp/consul
  >= 1.7.0, < 1.7.9
• HIGH7.5CVE-2019-12291HashiCorp Consul Incorrect Access Control vulnerability in github.com/hashicorp/consul
  >= 1.4.0, < 1.5.1
• HIGH7.5CVE-2019-12291HashiCorp Consul Incorrect Access Control vulnerability in github.com/hashicorp/consul
  >= 1.4.0, < 1.5.1
• HIGH7.5CVE-2022-3920Missing Authorization in HashiCorp Consul
  >= 1.13.0, < 1.14.0
• HIGH7.5CVE-2022-3920Missing Authorization in HashiCorp Consul
  >= 1.13.0, < 1.14.0
• HIGH7.5CVE-2022-29153Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector in github.com/hashicorp/consul
  from 0, < 1.9.17, >= 1.10.0, < 1.10.10, >= 1.11.0, < 1.11.5
• HIGH7.5CVE-2022-29153Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector in github.com/hashicorp/consul
  from 0, < 1.9.17
• HIGH7.5CVE-2021-36213HashiCorp Consul L7 deny intention results in an allow action
  from 0, < 1.10.1
• HIGH7.5CVE-2021-36213HashiCorp Consul L7 deny intention results in an allow action
  from 0, < 1.10.1
• HIGH7.5CVE-2021-32574Hashicorp Consul Missing SSL Certificate Validation in github.com/hashicorp/consul
  from 0, < 1.10.1
• HIGH7.5CVE-2021-32574Hashicorp Consul Missing SSL Certificate Validation in github.com/hashicorp/consul
  from 0, < 1.10.1
• HIGH7.5CVE-2020-13250Allocation of Resources Without Limits or Throttling in Hashicorp Consul in github.com/hashicorp/consul
  >= 1.2.0, < 1.6.6, >= 1.7.0, < 1.7.4
• HIGH7.5CVE-2020-13250Allocation of Resources Without Limits or Throttling in Hashicorp Consul in github.com/hashicorp/consul
  >= 1.2.0, < 1.6.6
• HIGH7.5CVE-2020-7219Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul
  from 0, < 1.6.3
• HIGH7.5CVE-2020-7219Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul
  from 0, < 1.6.3
• HIGH7.4CVE-2023-3518Consul JWT Auth in L7 Intentions Allow for Mismatched Service Identity and JWT Providers in github.com/hashicorp/consul
  >= 1.16.0, < 1.16.1
• HIGH7.4CVE-2023-3518Consul JWT Auth in L7 Intentions Allow for Mismatched Service Identity and JWT Providers in github.com/hashicorp/consul
  >= 1.16.0, < 1.16.1
• HIGH7.4CVE-2019-9764HashiCorp Consul vulnerable to Origin Validation Error
  from 0, < 1.4.4
• HIGH7.4CVE-2019-9764HashiCorp Consul vulnerable to Origin Validation Error
  from 0, < 1.4.4
• HIGH7.1CVE-2021-41803Improper handling of node names in JWT claims assertions in github.com/hashicorp/consul
  >= 1.8.1, < 1.11.9, >= 1.12.0, < 1.12.5, >= 1.13.0, < 1.13.2
• HIGH7.1CVE-2021-41803Improper handling of node names in JWT claims assertions in github.com/hashicorp/consul
  >= 1.8.1, < 1.11.9
• MEDIUM6.8CVE-2026-2808Consul is vulnerable to arbitrary file read when configured with Kubernetes authentication
  from 0, < 1.18.21
• MEDIUM6.8CVE-2026-2808Consul is vulnerable to arbitrary file read when configured with Kubernetes authentication
  from 0, < 1.22.5
• MEDIUM6.5CVE-2025-11374Consul key/value endpoint is vulnerable to denial of service in github.com/hashicorp/consul
  from 0, < 1.22.0
• MEDIUM6.5CVE-2025-11375Consul event endpoint is vulnerable to denial of service in github.com/hashicorp/consul
  from 0, < 1.22.0
• MEDIUM6.5CVE-2025-11374Consul key/value endpoint is vulnerable to denial of service in github.com/hashicorp/consul
  from 0, < 1.22.0
• MEDIUM6.5CVE-2025-11375Consul event endpoint is vulnerable to denial of service in github.com/hashicorp/consul
  from 0, < 1.22.0
• MEDIUM6.5CVE-2020-28053Privilege Escalation in HashiCorp Consul in github.com/hashicorp/consul
  >= 1.2.0, < 1.6.10
• MEDIUM6.5CVE-2020-28053Privilege Escalation in HashiCorp Consul in github.com/hashicorp/consul
  >= 1.2.0, < 1.6.10, >= 1.7.0, < 1.7.10, >= 1.8.0, < 1.8.6
• MEDIUM6.5CVE-2023-0845Consul Server Panic when Ingress and API Gateways Configured with Peering Connections in github.com/hashicorp/consul
  >= 1.14.0, < 1.14.5
• MEDIUM6.5CVE-2023-0845Consul Server Panic when Ingress and API Gateways Configured with Peering Connections in github.com/hashicorp/consul
  >= 1.14.0, < 1.14.5
• MEDIUM6.5CVE-2022-40716HashiCorp Consul vulnerable to authorization bypass
  from 0, < 1.11.9, >= 1.12.0, < 1.12.5, >= 1.13.0, < 1.13.2
• MEDIUM6.5CVE-2022-40716HashiCorp Consul vulnerable to authorization bypass
  from 0, < 1.11.9
• MEDIUM6.5CVE-2022-24687HashiCorp Consul Ingress Gateway Panic Can Shutdown Servers in github.com/hashicorp/consul
  >= 1.8.0, < 1.9.15
• MEDIUM6.5CVE-2022-24687HashiCorp Consul Ingress Gateway Panic Can Shutdown Servers in github.com/hashicorp/consul
  >= 1.8.0, < 1.9.15, >= 1.10.0, < 1.10.8, >= 1.11.0, < 1.11.3
• MEDIUM6.5CVE-2021-38698HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. in github.com/hashicorp/consul
  from 0, < 1.8.15, >= 1.9.0, < 1.9.9, >= 1.10.1, < 1.10.2
• MEDIUM6.5CVE-2021-38698HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. in github.com/hashicorp/consul
  >= 1.10.1, < 1.10.2
• MEDIUM6.1CVE-2024-10086Hashicorp Consul Cross-site Scripting vulnerability in github.com/hashicorp/consul
  >= 1.4.1, < 1.20.0
• MEDIUM6.1CVE-2024-10086Hashicorp Consul Cross-site Scripting vulnerability in github.com/hashicorp/consul
  >= 1.4.1, < 1.20.0
• MEDIUM6.1CVE-2020-25864HashiCorp Consul Cross-site Scripting vulnerability
  >= 1.9.0, < 1.9.5
• MEDIUM6.1CVE-2020-25864HashiCorp Consul Cross-site Scripting vulnerability
  from 0, < 1.7.14, >= 1.8.0, < 1.8.10, >= 1.9.0, < 1.9.5
• MEDIUM5.9CVE-2018-19653HashiCorp Consul can use cleartext agent-to-agent RPC communication in github.com/hashicorp/consul
  >= 0.5.1, < 1.4.1
• MEDIUM5.9CVE-2018-19653HashiCorp Consul can use cleartext agent-to-agent RPC communication in github.com/hashicorp/consul
  >= 0.5.1, < 1.4.1
• MEDIUM5.3CVE-2020-12758Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul
  >= 1.6.0-beta1, < 1.6.6
• MEDIUM5.3CVE-2020-12758Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul
  >= 1.6.0-beta1, < 1.6.6, >= 1.7.0, < 1.7.4
• MEDIUM5.3CVE-2020-7955Incorrect Authorization in HashiCorp Consul in github.com/hashicorp/consul
  >= 1.4.1, < 1.6.3
• MEDIUM5.3CVE-2020-7955Incorrect Authorization in HashiCorp Consul in github.com/hashicorp/consul
  >= 1.4.1, < 1.6.3
• MEDIUM5.3CVE-2020-12797Incorrect Permission Assignment for Critical Resource in Hashicorp Consul in github.com/hashicorp/consul
  >= 1.6.0, < 1.6.6, >= 1.7.0, < 1.7.4
• MEDIUM5.3CVE-2020-12797Incorrect Permission Assignment for Critical Resource in Hashicorp Consul in github.com/hashicorp/consul
  >= 1.6.0, < 1.6.6
• MEDIUM5.3CVE-2020-13170Improper Input Validation in HashiCorp Consul in github.com/hashicorp/consul
  >= 1.6.0-beta1, < 1.6.6
• MEDIUM5.3CVE-2020-13170Improper Input Validation in HashiCorp Consul in github.com/hashicorp/consul
  >= 1.6.0-beta1, < 1.6.6, >= 1.7.0, < 1.7.4
• MEDIUM4.9CVE-2023-1297Hashicorp Consul vulnerable to denial of service in github.com/hashicorp/consul
  from 0, < 1.14.5, >= 1.15.0, < 1.15.3
• MEDIUM4.9CVE-2023-1297Hashicorp Consul vulnerable to denial of service in github.com/hashicorp/consul
  from 0, < 1.14.5