22 matches found
CVE-2026-9291 Insecure Deserialization in Amazon Braket SDK Job Results Processing
Insecure deserialization in the job results processing component in Amazon Braket SDK before 1.117.0 might allow a remote authenticated user with S3 write access to the job output bucket to achieve arbitrary code execution on any machine that processes job results. We recommend you upgrade to...
CVE-2026-9291
Insecure deserialization in the job results processing component in Amazon Braket SDK before 1.117.0 might allow a remote authenticated user with S3 write access to the job output bucket to achieve arbitrary code execution on any machine that processes job results. We recommend you upgrade to...
EUVD-2015-1393
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2023-0845
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to...
Linux Distros Unpatched Vulnerability : CVE-2023-2816
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy...
CVE-2022-24687
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 clusters with at least one Ingress Gateway allow a user with service:write to register a specifically-defined service that can cause Consul servers to panic. Fixed in 1.9.15, 1.10.8, and 1.11.3...
AZL-35303 CVE-2023-2816 affecting package telegraf for versions less than 1.29.4-1
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
CVE-2023-2816
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
CVE-2023-2816
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
CVE-2023-2816 Consul Envoy Extension Downsteam Proxy Configuration By Upstream Service Owner
Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...
HashiCorp Consul 安全漏洞
HashiCorp Consul is a suite of distributed, highly available data center-aware solutions from HashiCorp USA. The product is used to connect and provision applications across a dynamically distributed infrastructure. A security vulnerability exists in HashiCorp Consul, Consul Enterprise versions...
PT-2023-21601 · Hashicorp · Hashicorp Consul +1
Name of the Vulnerable Software and Affected Versions: Consul and Consul Enterprise affected versions not specified Description: The issue allows any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the...
Denial Of Service (DoS)
github.com/hashicorp/consul is vulnerable to Denial Of Service DoS. The vulnerability exists because upstream watch handling was shared between connect-proxy and gateways, allowing an attacker with service:write permission to cause a server and client crash...
Consul Server Panic when Ingress and API Gateways Configured with Peering Connections
A vulnerability was identified in Consul and Consul Enterprise “Consul” an authenticated user with service:write permissions could trigger a workflow that causes Consul server and client agents to crash under certain circumstances. To exploit this vulnerability, an attacker requires access to an...
CVE-2023-0845
Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5...
UBUNTU-CVE-2023-0845
Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5...
CVE-2023-0845 Consul Server Panic when Ingress and API Gateways Configured with Peering
Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5...
PT-2023-2223 · Hashicorp +2 · Hashicorp Consul +3
Name of the Vulnerable Software and Affected Versions: Consul versions prior to 1.14.5 Consul Enterprise versions prior to 1.14.5 Description: The issue is related to an authenticated user with service:write permissions triggering a workflow that causes the Consul server and client agents to cras...
CVE-2022-24687
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 clusters with at least one Ingress Gateway allow a user with service:write to register a specifically-defined service that can cause Consul servers to panic. Fixed in 1.9.15, 1.10.8, and 1.11.3...
DEBIAN-CVE-2022-24687
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 clusters with at least one Ingress Gateway allow a user with service:write to register a specifically-defined service that can cause Consul servers to panic. Fixed in 1.9.15, 1.10.8, and 1.11.3...