CVE-2022-38149
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-38149
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-38149.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-38149
- Aliases
- Withdrawn
- 2024-05-15T05:32:49.146375Z
- Published
- 2022-08-17T15:15:08Z
- Modified
- 2023-11-29T09:48:55.217287Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
HashiCorp Consul Template up to 0.27.2, 0.28.2, and 0.29.1 may expose the contents of Vault secrets in the error returned by the *template.Template.Execute method, when given a template using Vault secret contents incorrectly. Fixed in 0.27.3, 0.28.3, and 0.29.2.
- References
Affected packages
Git / github.com/hashicorp/consul-template
Affected ranges
- Type
- GIT
- Repo
- https://github.com/hashicorp/consul-template
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v0.*
v0.1.0
v0.1.1
v0.10.0
v0.11.0
v0.11.1
v0.12.0
v0.12.1
v0.12.2
v0.13.0
v0.14.0
v0.15.0
v0.16.0
v0.16.0-rc1
v0.18.0
v0.18.0-rc1
v0.18.0-rc3
v0.18.1
v0.18.2
v0.18.3
v0.18.4
v0.18.5
v0.19.0
v0.19.1
v0.19.2
v0.19.3
v0.19.4
v0.19.5
v0.2.0
v0.20.0
v0.20.1
v0.21.0
v0.21.1
v0.21.2
v0.21.3
v0.22.0
v0.22.1
v0.23.0
v0.24.0
v0.24.1
v0.25.0
v0.25.1
v0.25.2
v0.26.0
v0.27.0
v0.27.1
v0.27.2
v0.28.0
v0.29.0
v0.29.1
v0.3.0
v0.3.1
v0.4.0
v0.5.0
v0.5.1
v0.6.0
v0.6.1
v0.6.5
v0.7.0
v0.8.0
v0.9.0