Lucene search
K

7 matches found

OSV
OSV
added 2024/04/05 4:54 p.m.36 views

GO-2024-2683 Improper handling of node names in JWT claims assertions in github.com/hashicorp/consul

HashiCorp Consul does not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC...

7.1CVSS6.8AI score0.00846EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 10:52 a.m.37 views

BIT-CONSUL-2021-41803

HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2."...

7.1CVSS6.8AI score0.00846EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/09/25 12:0 a.m.26 views

HashiCorp Consul does not properly validate node or segment names prior to usage in JWT claim assertions

HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 did not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2...

7.1CVSS6.5AI score0.00846EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2022/09/23 1:15 a.m.28 views

CVE-2021-41803

HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2."...

7.1CVSS0.00846EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2022/09/23 12:0 a.m.42 views

CVE-2021-41803

HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2."...

7.1CVSS6.8AI score0.00846EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2022/09/23 12:0 a.m.65 views

CVE-2021-41803

HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2."...

7.1CVSS7AI score0.00846EPSS
Exploits0
CVE
CVE
added 2022/09/23 12:0 a.m.2006 views

CVE-2021-41803

CVE-2021-41803 affects HashiCorp Consul 1.8.1–1.11.8, 1.12.4, and 1.13.1; root cause is improper validation of node/segment names before interpolation and usage in JWT claim assertions via auto config RPC. Consequences and exploitation details are not further described in the supplied documents. ...

7.1CVSS6.7AI score0.00846EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder