Astra Linux - уязвимость в consul

The HashiCorp Consul and Consul Enterprise versions up to 1.9.4 had a key-value KV raw mode that was vulnerable to cross-site scripting attacks. This issue was fixed in versions 1.9.5, 1.8.10, and 1.7.14...

SUSE CVE-2024-10005

A vulnerability was identified in Consul and Consul Enterprise “Consul” such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules...

SUSE CVE-2024-10006

A vulnerability was identified in Consul and Consul Enterprise “Consul” such that using Headers in L7 traffic intentions could bypass HTTP header based access rules...

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via the the Vault Kubernetes Authentication Provider. An attacker can access sensitive files by specifying tokenpath configuration parameter to any file on the Consul server node that later returned as jwt data and sent t...

DEBIAN-CVE-2026-2808

HashiCorp Consul and Consul Enterprise 1.18.20 up to 1.21.10 and 1.22.4 are vulnerable to arbitrary file read when configured with Kubernetes authentication. This vulnerability, CVE-2026-2808, is fixed in Consul 1.18.21, 1.21.11 and 1.22.5...

UBUNTU-CVE-2026-2808

HashiCorp Consul and Consul Enterprise 1.18.20 up to 1.21.10 and 1.22.4 are vulnerable to arbitrary file read when configured with Kubernetes authentication. This vulnerability, CVE-2026-2808, is fixed in Consul 1.18.21, 1.21.11 and 1.22.5...

CVE-2026-2808

HashiCorp Consul and Consul Enterprise 1.18.20 up to 1.21.10 and 1.22.4 are vulnerable to arbitrary file read when configured with Kubernetes authentication. This vulnerability, CVE-2026-2808, is fixed in Consul 1.18.21, 1.21.11 and 1.22.5...

PT-2026-24892

Name of the Vulnerable Software and Affected Versions HashiCorp Consul versions 1.18.20 through 1.21.10 HashiCorp Consul version 1.22.4 HashiCorp Consul Enterprise versions 1.18.20 through 1.21.10 HashiCorp Consul Enterprise version 1.22.4 Description HashiCorp Consul and Consul Enterprise are...

HashiCorp Consul和HashiCorp Consul Enterprise 安全漏洞

HashiCorp Consul and HashiCorp Consul Enterprise are both products of the American company HashiCorp. HashiCorp Consul is a distributed, highly available data center awareness solution. It is used for connecting and configuring applications across dynamic distributed infrastructures. HashiCorp...

ROS-20251203-16

A vulnerability in the Consul and Consul Enterprise service configuration tool is related to incorrect validation of the Content Length of the Content Length header. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service Vulnerability in the Consul an...

Security Bulletin:Consul’s event endpoint is vulnerable to denial of service

Summary Consul and Consul Enterprise’s “Consul” event endpoint is vulnerable to denial of service DoS due to lack of maximum value on the Content Length header. Vulnerability Details CVEID: CVE-2025-11375 DESCRIPTION: Consul and Consul Enterprise’s “Consul” event endpoint is vulnerable to denial ...

Linux Distros Unpatched Vulnerability : CVE-2025-11374

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Consul and Consul Enterprise's Consul key/value endpoint is vulnerable to denial of service DoS due to incorrect Content Length header validation. This...

CVE-2025-11374

CVE-2025-11374 affects HashiCorp Consul and Consul Enterprise, specifically the key/value endpoint, due to incorrect Content Length header validation leading to DoS. IBM’s security bulletin documents affected versions: Consul Community Edition 0.0.1–1.21.5 and Consul Enterprise 1.21.0–1.21.51.20....

CVE-2025-11375

Consul and Consul Enterprise’s “Consul” event endpoint is vulnerable to denial of service DoS due to lack of maximum value on the Content Length header. This vulnerability, CVE-2025-11375, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...

CVE-2025-11375 Consul's event endpoint is vulnerable to denial of service

Consul and Consul Enterprise’s “Consul” event endpoint is vulnerable to denial of service DoS due to lack of maximum value on the Content Length header. This vulnerability, CVE-2025-11375, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...

HashiCorp Consul和HashiCorp Consul Enterprise 安全漏洞

HashiCorp Consul and HashiCorp Consul Enterprise are both products of HashiCorp, Inc. of the U.S. HashiCorp Consul is a suite of distributed, highly available data center-aware solutions. The product is used to connect and provision applications across dynamically distributed...

PT-2025-44211

Name of the Vulnerable Software and Affected Versions Consul versions prior to 1.22.0 Consul Enterprise versions prior to 1.22.0 Consul Enterprise version 1.21.6 Consul Enterprise version 1.20.8 Consul Enterprise version 1.18.12 Description The key/value endpoint in Consul and Consul Enterprise i...

HashiCorp Consul和HashiCorp Consul Enterprise 安全漏洞

HashiCorp Consul and HashiCorp Consul Enterprise are both products of HashiCorp, Inc. of the U.S. HashiCorp Consul is a suite of distributed, highly available data center-aware solutions. The product is used to connect and provision applications across dynamically distributed...

EUVD-2021-14854

Malware in sbrugna...

EUVD-2021-0892

Malware in sbrugna...