VIR Vulnerability Intelligence Relay

Package impact

golang Go / github.com/hashicorp/consul

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2021-38698 high 8.0 5y ago HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. in github.com/hashicorp/consul
CVE-2021-37219 high 8.0 5y ago HashiCorp Consul Privilege Escalation Vulnerability in github.com/hashicorp/consul
CVE-2020-28053 medium 5.5 2y ago Privilege Escalation in HashiCorp Consul in github.com/hashicorp/consul
CVE-2020-25201 medium 5.5 2y ago Denial of service in HashiCorp Consul in github.com/hashicorp/consul
CVE-2020-25864 medium 5.5 4y ago HashiCorp Consul Cross-site Scripting vulnerability in github.com/hashicorp/consul
CVE-2021-36213 medium 5.5 5y ago HashiCorp Consul L7 deny intention results in an allow action in github.com/hashicorp/consul
CVE-2021-32574 medium 5.5 5y ago Hashicorp Consul Missing SSL Certificate Validation in github.com/hashicorp/consul
CVE-2026-2808 unknown 3mo ago Consul is vulnerable to arbitrary file read when configured with Kubernetes authentication in github.com/hashicorp/consul
CVE-2025-11374 unknown 7mo ago Consul key/value endpoint is vulnerable to denial of service in github.com/hashicorp/consul
CVE-2025-11375 unknown 7mo ago Consul event endpoint is vulnerable to denial of service in github.com/hashicorp/consul
CVE-2024-10086 unknown 2y ago Hashicorp Consul Cross-site Scripting vulnerability in github.com/hashicorp/consul
CVE-2024-10006 unknown 2y ago Hashicorp Consul Improper Neutralization of HTTP Headers for Scripting Syntax vulnerability in github.com/hashicorp/consul
CVE-2024-10005 unknown 2y ago Hashicorp Consul Path Traversal vulnerability in github.com/hashicorp/consul
CVE-2023-3518 unknown 3y ago Consul JWT Auth in L7 Intentions Allow for Mismatched Service Identity and JWT Providers in github.com/hashicorp/consul
CVE-2019-12291 unknown 3y ago HashiCorp Consul Incorrect Access Control vulnerability in github.com/hashicorp/consul
CVE-2023-1297 unknown 3y ago Hashicorp Consul vulnerable to denial of service in github.com/hashicorp/consul
CVE-2023-2816 unknown 3y ago Hashicorp Consul allows user with service:write permissions to patch remote proxy instances in github.com/hashicorp/consul
CVE-2023-0845 unknown 3y ago Consul Server Panic when Ingress and API Gateways Configured with Peering Connections in github.com/hashicorp/consul
CVE-2022-3920 unknown 4y ago Missing Authorization in HashiCorp Consul in github.com/hashicorp/consul
CVE-2022-40716 unknown 4y ago HashiCorp Consul vulnerable to authorization bypass in github.com/hashicorp/consul
CVE-2021-41803 unknown 4y ago Improper handling of node names in JWT claims assertions in github.com/hashicorp/consul
CVE-2018-19653 unknown 4y ago HashiCorp Consul can use cleartext agent-to-agent RPC communication in github.com/hashicorp/consul
CVE-2019-9764 unknown 4y ago HashiCorp Consul vulnerable to Origin Validation Error in github.com/hashicorp/consul
CVE-2019-8336 unknown 4y ago HashiCorp Consul Access Restriction Bypass in github.com/hashicorp/consul
CVE-2022-29153 unknown 4y ago Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector in github.com/hashicorp/consul
CVE-2022-24687 unknown 4y ago HashiCorp Consul Ingress Gateway Panic Can Shutdown Servers in github.com/hashicorp/consul
CVE-2020-12758 unknown 4y ago Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul
CVE-2020-7955 unknown 5y ago Incorrect Authorization in HashiCorp Consul in github.com/hashicorp/consul
CVE-2020-12797 unknown 5y ago Incorrect Permission Assignment for Critical Resource in Hashicorp Consul in github.com/hashicorp/consul
CVE-2020-13250 unknown 5y ago Allocation of Resources Without Limits or Throttling in Hashicorp Consul in github.com/hashicorp/consul
CVE-2020-13170 unknown 5y ago Improper Input Validation in HashiCorp Consul in github.com/hashicorp/consul
CVE-2020-7219 unknown 5y ago Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul