CVE-2020-25864

Опубликовано: 20 апр. 2021

Источник: debian

Описание

HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
consul	fixed	1.8.7+dfsg1-2		package
consul	ignored		buster	package

Примечания

https://bugzilla.redhat.com/show_bug.cgi?id=1950275
https://github.com/hashicorp/consul/pull/10023

Связанные уязвимости

CVE-2020-25864

CVSS3: 6.1

ubuntu

почти 5 лет назад

HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.

CVE-2020-25864

CVSS3: 6.1

redhat

почти 5 лет назад

HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.

CVE-2020-25864

CVSS3: 6.1

nvd

почти 5 лет назад

HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.

GHSA-8xmx-h8rq-h94j

CVSS3: 6.1

github

больше 3 лет назад

HashiCorp Consul Cross-site Scripting vulnerability