Описание
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| consul | removed | package | ||
| consul | end-of-life | bullseye | package |
Примечания
https://github.com/advisories/GHSA-chgm-7r52-whjj
EPSS
Связанные уязвимости
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.
Уязвимость инструмента настройки сервиса Consul, связанная с неверным ограничением имени пути к каталогу с ограниченным доступом, позволяющая нарушителю обойти ограничения безопасности
EPSS