GHSA-gw2g-hhc9-wgjh

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/11/GHSA-gw2g-hhc9-wgjh/GHSA-gw2g-hhc9-wgjh.json
Aliases
  • CVE-2022-3920
Published
2022-11-16T12:00:20Z
Modified
2022-11-21T23:53:03Z
Details

HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster filtering's imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0.

References

Affected packages

Go / github.com/hashicorp/consul

github.com/hashicorp/consul

Affected ranges

Type
SEMVER
Events
Introduced
1.13.0
Fixed
1.14.0

Affected versions