GHSA-rqjq-mrgx-85hp

Опубликовано: 18 мая 2021

Источник: github

Github: Прошло ревью

CVSS3: 7.5

Описание

Allocation of Resources Without Limits or Throttling in Hashicorp Consul

HashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced in 1.4.3) caching feature that was vulnerable to denial of service.

Specific Go Packages Affected

github.com/hashicorp/consul/agent/config

Fix

The vulnerability is fixed in versions 1.6.6 and 1.7.4.

Ссылки

Пакеты

Наименование

github.com/hashicorp/consul

Затронутые версииВерсия исправления

>= 1.2.0, < 1.6.6

1.6.6

Наименование

github.com/hashicorp/consul

Затронутые версииВерсия исправления

>= 1.7.0, < 1.7.4

1.7.4

EPSS

Процентиль: 75%

0.00867

Низкий

7.5 High

CVSS3

CVE ID

CVE-2020-13250

Дефекты

CWE-770

Связанные уязвимости

CVE-2020-13250

CVSS3: 7.5

ubuntu

больше 5 лет назад

HashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced in 1.4.3) caching feature that was vulnerable to denial of service. Fixed in 1.6.6 and 1.7.4.

CVE-2020-13250

CVSS3: 7.5

nvd

больше 5 лет назад

HashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced in 1.4.3) caching feature that was vulnerable to denial of service. Fixed in 1.6.6 and 1.7.4.

CVE-2020-13250

CVSS3: 7.5

debian

больше 5 лет назад

HashiCorp Consul and Consul Enterprise include an HTTP API (introduced ...

EPSS

Процентиль: 75%

0.00867

Низкий

7.5 High

CVSS3

CVE ID

CVE-2020-13250

Дефекты

CWE-770