Information on source package consul

Available versions

ReleaseVersion
buster1.0.7~dfsg1-5
bullseye1.8.7+dfsg1-2

Open issues

BugbusterbullseyeDescription
CVE-2023-5332vulnerable (no DSA)vulnerable (no DSA)Patch in third party library Consul requires 'enable-script-checks' to ...
CVE-2022-40716fixedvulnerable (no DSA)HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13. ...
CVE-2022-29153vulnerable (no DSA, ignored)vulnerable (no DSA)HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11. ...
CVE-2022-24687fixedvulnerableHashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, a ...
CVE-2021-41803fixedvulnerable (no DSA)HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properl ...
CVE-2021-38698fixedvulnerable (no DSA)HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allow ...
CVE-2021-37219vulnerable (no DSA, ignored)vulnerableHashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows no ...
CVE-2021-32574fixedvulnerable (no DSA)HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy prox ...
CVE-2020-25864vulnerable (no DSA, ignored)fixedHashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value ( ...
CVE-2020-7219vulnerable (no DSA, ignored)fixedHashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services a ...
CVE-2018-19653vulnerable (no DSA, ignored)fixedHashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent ...

Resolved issues

BugDescription
CVE-2023-3518HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for ...
CVE-2023-2816Consul and Consul Enterprise allowed any user with service:write permi ...
CVE-2023-1297Consul and Consul Enterprise's cluster peering implementation containe ...
CVE-2023-0845Consul and Consul Enterprise allowed an authenticated user with servic ...
CVE-2022-3920HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filt ...
CVE-2021-41805HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1. ...
CVE-2021-36213HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default de ...
CVE-2021-28156HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be ...
CVE-2020-28053HashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed opera ...
CVE-2020-25201HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a names ...
CVE-2020-13250HashiCorp Consul and Consul Enterprise include an HTTP API (introduced ...
CVE-2020-13170HashiCorp Consul and Consul Enterprise did not appropriately enforce s ...
CVE-2020-12797HashiCorp Consul and Consul Enterprise failed to enforce changes to le ...
CVE-2020-12758HashiCorp Consul and Consul Enterprise could crash when configured wit ...
CVE-2020-7955HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uni ...
CVE-2019-12291HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Key ...
CVE-2019-9764HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to ...
CVE-2019-8336HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a c ...

Search for package or bug name: Reporting problems