Vulnerabilities > Hashicorp > Consul > 1.20.0

DATE CVE VULNERABILITY TITLE RISK
2024-10-30 CVE-2024-10005 Path Traversal vulnerability in Hashicorp Consul
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.
network
low complexity
hashicorp CWE-22
5.8
5.8
2024-10-30 CVE-2024-10006 Improper Encoding or Escaping of Output vulnerability in Hashicorp Consul
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.
network
low complexity
hashicorp CWE-116
5.8
5.8