Lucene search
CVE-2021-41803
🗓️ 23 Sep 2022 01:08:15Reported by Alpine Linux Development TeamType 
alpinelinux🔗 security.alpinelinux.org👁 58 Views
HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate node or segment names prior to interpolation in JWT claim assertions with auto config RPC. Fixed in 1.11.9, 1.12.5, 1.13.
Show more
| Reporter | Title | Published | Views | Family All 31 |
|---|---|---|---|---|
 | BIT-consul-2021-41803 | 6 Mar 202410:52 | – | osv |
| CGA-X38P-P6H4-33CC | 6 Jun 202412:26 | – | osv |
| GO-2024-2683 Improper handling of node names in JWT claims assertions in github.com/hashicorp/consul | 5 Apr 202416:54 | – | osv |
| CVE-2021-41803 | 23 Sep 202201:15 | – | osv |
| HashiCorp Consul does not properly validate node or segment names prior to usage in JWT claim assertions | 25 Sep 202200:00 | – | osv |
 | CVE-2021-41803 | 23 Sep 202200:00 | – | cvelist |
 | CVE-2021-41803 | 23 Sep 202201:15 | – | debiancve |
 | CVE-2021-41803 | 23 Sep 202201:15 | – | nvd |
 | CVE-2021-41803 vulnerabilities | 23 Sep 202201:15 | – | cgr |
 | Design/Logic Flaw | 23 Sep 202201:15 | – | prion |
10
| OS | OS Version | Architecture | Package | Package Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.16-community | noarch | consul | 1.12.5-r0 | UNKNOWN |
| Alpine | 3.17-community | noarch | consul | 1.13.2-r0 | UNKNOWN |
| Alpine | 3.18-community | noarch | consul | 1.13.2-r0 | UNKNOWN |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo23 Sep 2022 01:15Current
7High risk
Vulners AI Score7
CVSS37.1
EPSS0.00276