HIGH8.8CVE-2021-37219HashiCorp Consul Privilege Escalation Vulnerability in github.com/hashicorp/consul >= 1.10.1, < 1.10.2
HIGH8.8CVE-2021-37219HashiCorp Consul Privilege Escalation Vulnerability in github.com/hashicorp/consul from 0, < 1.8.15, >= 1.9.0, < 1.9.9, >= 1.10.1, < 1.10.2
HIGH8.7CVE-2023-2816Consul Envoy Extension Downsteam Proxy Configuration By Upstream Service Owner >= 1.15.0, < 1.15.3
HIGH8.7Consul Envoy Extension Downsteam Proxy Configuration By Upstream Service Owner
>= 1.15.0, < 1.15.3
HIGH8.3Consul L7 Intentions Vulnerable To Headers Bypass
>= 1.9.0, < 1.20.1
HIGH8.3Consul L7 Intentions Vulnerable To Headers Bypass
>= 1.9.0, < 1.20.1
HIGH8.1Consul L7 Intentions Vulnerable To URL Path Bypass
>= 1.9.0, < 1.20.1
HIGH8.1Consul L7 Intentions Vulnerable To URL Path Bypass
>= 1.9.0, < 1.20.1
HIGH8.1HashiCorp Consul Access Restriction Bypass in github.com/hashicorp/consul
>= 1.4.0, < 1.4.3
HIGH8.1HashiCorp Consul Access Restriction Bypass in github.com/hashicorp/consul
>= 1.4.0, < 1.4.3
HIGH7.5Denial of service in HashiCorp Consul in github.com/hashicorp/consul
>= 1.7.0, < 1.7.9, >= 1.8.0, < 1.8.5
HIGH7.5Denial of service in HashiCorp Consul in github.com/hashicorp/consul
>= 1.7.0, < 1.7.9
HIGH7.5HashiCorp Consul Incorrect Access Control vulnerability in github.com/hashicorp/consul
>= 1.4.0, < 1.5.1
HIGH7.5HashiCorp Consul Incorrect Access Control vulnerability in github.com/hashicorp/consul
>= 1.4.0, < 1.5.1
HIGH7.5Consul Peering Imported Nodes/Services Leak
>= 1.13.0, < 1.14.0
HIGH7.5Consul Peering Imported Nodes/Services Leak
>= 1.13.0, < 1.14.0
HIGH7.5Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector in github.com/hashicorp/consul
from 0, < 1.9.17, >= 1.10.0, < 1.10.10, >= 1.11.0, < 1.11.5
HIGH7.5Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector in github.com/hashicorp/consul
from 0, < 1.9.17
HIGH7.5HashiCorp Consul L7 deny intention results in an allow action in github.com/hashicorp/consul
from 0, < 1.10.1
HIGH7.5HashiCorp Consul L7 deny intention results in an allow action in github.com/hashicorp/consul
from 0, < 1.10.1
HIGH7.5Hashicorp Consul Missing SSL Certificate Validation in github.com/hashicorp/consul
from 0, < 1.10.1
HIGH7.5Hashicorp Consul Missing SSL Certificate Validation in github.com/hashicorp/consul
from 0, < 1.10.1
HIGH7.5Allocation of Resources Without Limits or Throttling in Hashicorp Consul in github.com/hashicorp/consul
>= 1.2.0, < 1.6.6, >= 1.7.0, < 1.7.4
HIGH7.5Allocation of Resources Without Limits or Throttling in Hashicorp Consul in github.com/hashicorp/consul
>= 1.2.0, < 1.6.6
HIGH7.5Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul
from 0, < 1.6.3
HIGH7.5Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul
from 0, < 1.6.3
HIGH7.4JWT Auth in L7 Intentions Allow For Mismatched Service Identity and JWT Providers for Access
>= 1.16.0, < 1.16.1
HIGH7.4JWT Auth in L7 Intentions Allow For Mismatched Service Identity and JWT Providers for Access
>= 1.16.0, < 1.16.1
HIGH7.4HashiCorp Consul vulnerable to Origin Validation Error in github.com/hashicorp/consul
from 0, < 1.4.4
HIGH7.4HashiCorp Consul vulnerable to Origin Validation Error in github.com/hashicorp/consul
from 0, < 1.4.4
HIGH7.1Improper handling of node names in JWT claims assertions in github.com/hashicorp/consul
>= 1.8.1, < 1.11.9, >= 1.12.0, < 1.12.5, >= 1.13.0, < 1.13.2
HIGH7.1Improper handling of node names in JWT claims assertions in github.com/hashicorp/consul
>= 1.8.1, < 1.11.9
MEDIUM6.8Consul vulnerable to arbitrary file reads through the vault kubernetes authentication provider
from 0, < 1.18.21
MEDIUM6.8Consul vulnerable to arbitrary file reads through the vault kubernetes authentication provider
from 0, < 1.22.5
MEDIUM6.5Consul's KV endpoint is vulnerable to denial of service
from 0, < 1.22.0
MEDIUM6.5Consul's event endpoint is vulnerable to denial of service
from 0, < 1.22.0
MEDIUM6.5Consul's KV endpoint is vulnerable to denial of service
from 0, < 1.22.0
MEDIUM6.5Consul's event endpoint is vulnerable to denial of service
from 0, < 1.22.0
MEDIUM6.5Privilege Escalation in HashiCorp Consul in github.com/hashicorp/consul
>= 1.2.0, < 1.6.10
MEDIUM6.5Privilege Escalation in HashiCorp Consul in github.com/hashicorp/consul
>= 1.2.0, < 1.6.10, >= 1.7.0, < 1.7.10, >= 1.8.0, < 1.8.6
MEDIUM6.5Consul Server Panic when Ingress and API Gateways Configured with Peering
>= 1.14.0, < 1.14.5
MEDIUM6.5Consul Server Panic when Ingress and API Gateways Configured with Peering
>= 1.14.0, < 1.14.5
MEDIUM6.5HashiCorp Consul vulnerable to authorization bypass in github.com/hashicorp/consul
from 0, < 1.11.9, >= 1.12.0, < 1.12.5, >= 1.13.0, < 1.13.2
MEDIUM6.5HashiCorp Consul vulnerable to authorization bypass in github.com/hashicorp/consul
from 0, < 1.11.9
MEDIUM6.5HashiCorp Consul Ingress Gateway Panic Can Shutdown Servers in github.com/hashicorp/consul
>= 1.8.0, < 1.9.15
MEDIUM6.5HashiCorp Consul Ingress Gateway Panic Can Shutdown Servers in github.com/hashicorp/consul
>= 1.8.0, < 1.9.15, >= 1.10.0, < 1.10.8, >= 1.11.0, < 1.11.3
MEDIUM6.5HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. in github.com/hashicorp/consul
from 0, < 1.8.15, >= 1.9.0, < 1.9.9, >= 1.10.1, < 1.10.2
MEDIUM6.5HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. in github.com/hashicorp/consul
>= 1.10.1, < 1.10.2
MEDIUM6.1Consul Vulnerable To Reflected XSS On Content-Type Error Manipulation
>= 1.4.1, < 1.20.0
MEDIUM6.1Consul Vulnerable To Reflected XSS On Content-Type Error Manipulation
>= 1.4.1, < 1.20.0
MEDIUM6.1HashiCorp Consul Cross-site Scripting vulnerability in github.com/hashicorp/consul
>= 1.9.0, < 1.9.5
MEDIUM6.1HashiCorp Consul Cross-site Scripting vulnerability in github.com/hashicorp/consul
from 0, < 1.7.14, >= 1.8.0, < 1.8.10, >= 1.9.0, < 1.9.5
MEDIUM5.9HashiCorp Consul can use cleartext agent-to-agent RPC communication in github.com/hashicorp/consul
>= 0.5.1, < 1.4.1
MEDIUM5.9HashiCorp Consul can use cleartext agent-to-agent RPC communication in github.com/hashicorp/consul
>= 0.5.1, < 1.4.1
MEDIUM5.3Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul
>= 1.6.0-beta1, < 1.6.6
MEDIUM5.3Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul
>= 1.6.0-beta1, < 1.6.6, >= 1.7.0, < 1.7.4
MEDIUM5.3Incorrect Authorization in HashiCorp Consul in github.com/hashicorp/consul
>= 1.4.1, < 1.6.3
MEDIUM5.3Incorrect Authorization in HashiCorp Consul in github.com/hashicorp/consul
>= 1.4.1, < 1.6.3
MEDIUM5.3Incorrect Permission Assignment for Critical Resource in Hashicorp Consul in github.com/hashicorp/consul
>= 1.6.0, < 1.6.6, >= 1.7.0, < 1.7.4
MEDIUM5.3Incorrect Permission Assignment for Critical Resource in Hashicorp Consul in github.com/hashicorp/consul
>= 1.6.0, < 1.6.6
MEDIUM5.3Improper Input Validation in HashiCorp Consul in github.com/hashicorp/consul
>= 1.6.0-beta1, < 1.6.6
MEDIUM5.3Improper Input Validation in HashiCorp Consul in github.com/hashicorp/consul
>= 1.6.0-beta1, < 1.6.6, >= 1.7.0, < 1.7.4
MEDIUM4.9Consul Cluster Peering can Result in Denial of Service
from 0, < 1.14.5, >= 1.15.0, < 1.15.3
MEDIUM4.9Consul Cluster Peering can Result in Denial of Service
from 0, < 1.14.5