Lucene search
K

24 matches found

EUVD
EUVD
added 2 hours ago4 views

EUVD-2026-42346

The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in consul-templat...

4.7CVSS5.9AI score
Exploits0References2
NVD
NVD
added 3 hours ago4 views

CVE-2026-14361

The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in consul-templat...

4.7CVSS
Exploits0References1
Cvelist
Cvelist
added 3 hours ago6 views

CVE-2026-14361 Consul-template is vulnerable to path redirection in writeToFile through symlink attack

The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in consul-templat...

4.7CVSS
Exploits0References1
CVE
CVE
added 3 hours ago9 views

CVE-2026-14361

The CVE-2026-14361 issue affects consul-template prior to 0.42.1, where the writeToFile helper opens the destination path directly and follows links in the path. This can allow template output to be written outside the intended directory or overwrite an existing file. The root cause is path redir...

4.7CVSS5.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.11 views

CVE-2026-5061

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0...

4.7CVSS5.4AI score0.00109EPSS
Exploits0References1
OSV
OSV
added 2026/05/14 8:38 a.m.7 views

BIT-CONSUL-2026-5061 Consul-template vulnerable to sandbox path bypass in file helper via a symlink attack

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0...

4.7CVSS5.8AI score0.00109EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 3:31 p.m.11 views

EUVD-2026-29483

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0...

4.7CVSS5.8AI score0.00109EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 3:16 p.m.33 views

CVE-2026-5061

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0...

4.7CVSS0.00109EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/12 3:7 p.m.7 views

Security Bulletin: Consul-template vulnerable to sandbox path bypass in file helper via a symlink attack

Summary The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0. Vulnerability Details CVEID:CVE-2026-5061 DESCRIPTION:...

4.7CVSS5.7AI score0.00109EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 1:58 p.m.8 views

CVE-2026-5061 Consul-template vulnerable to sandbox path bypass in file helper via a symlink attack

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0...

4.7CVSS5.8AI score0.00109EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 1:58 p.m.10 views

CVE-2026-5061

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0...

4.7CVSS5.8AI score0.00109EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/12 1:58 p.m.17 views

CVE-2026-5061

The affected software is consul-template. Before version 0.42.0, the library’s file template helper is vulnerable to a sandbox path bypass that may allow reading an out-of-sandbox file. The underlying issue is a path bypass in the file template helper, enabling access outside the intended sandbox...

4.7CVSS5.8AI score0.00109EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 1:58 p.m.41 views

CVE-2026-5061 Consul-template vulnerable to sandbox path bypass in file helper via a symlink attack

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0...

4.7CVSS0.00109EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.18 views

PT-2026-40036

Name of the Vulnerable Software and Affected Versions consul-template versions prior to 0.42.0 Description A sandbox path bypass exists in the file template helper, which may allow an attacker to read files located outside of the intended sandbox directory. Recommendations Update to version 0.42....

4.7CVSS5.8AI score0.00109EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6511

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00718EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/08/18 12:0 a.m.22 views

HashiCorp Consul Template could reveal Vault secret contents in error messages

In HashiCorp Consul Template through version 0.29.1, invalid templates could inadvertently reveal the contents of Vault secret in errors returned by the template.Template.Execute 5 method, when given a template using Vault secret contents incorrectly. This method has been updated to redact Vault...

7.5CVSS7.1AI score0.00718EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2022/08/17 3:15 p.m.18 views

CVE-2022-38149

HashiCorp Consul Template up to 0.27.2, 0.28.2, and 0.29.1 may expose the contents of Vault secrets in the error returned by the template.Template.Execute method, when given a template using Vault secret contents incorrectly. Fixed in 0.27.3, 0.28.3, and 0.29.2...

7.5CVSS0.00718EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/17 3:15 p.m.4 views

CVE-2022-38149

HashiCorp Consul Template up to 0.27.2, 0.28.2, and 0.29.1 may expose the contents of Vault secrets in the error returned by the template.Template.Execute method, when given a template using Vault secret contents incorrectly. Fixed in 0.27.3, 0.28.3, and 0.29.2...

7.5CVSS7.1AI score0.00718EPSS
Exploits0References3
Prion
Prion
added 2022/08/17 3:15 p.m.27 views

Design/Logic Flaw

HashiCorp Consul Template up to 0.27.2, 0.28.2, and 0.29.1 may expose the contents of Vault secrets in the error returned by the template.Template.Execute method, when given a template using Vault secret contents incorrectly. Fixed in 0.27.3, 0.28.3, and 0.29.2...

5CVSS7.4AI score0.00718EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/08/17 2:30 p.m.22 views

CVE-2022-38149

HashiCorp Consul Template up to 0.27.2, 0.28.2, and 0.29.1 may expose the contents of Vault secrets in the error returned by the template.Template.Execute method, when given a template using Vault secret contents incorrectly. Fixed in 0.27.3, 0.28.3, and 0.29.2...

7.5CVSS7.4AI score0.00718EPSS
Exploits0References4
Rows per page
Query Builder