Identifier

CVE-2020-13250

Package Slug

go/github.com/hashicorp/consul/config

Vulnerability

Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

HashiCorp Consul and Consul Enterprise include an HTTP API caching feature that was vulnerable to denial of service.

Affected Versions

All versions starting from 1.2.0 before 1.6.6, all versions starting from 1.7.0 before 1.7.4

Solution

Upgrade to versions 1.6.6, 1.7.4 or above.

Last Modified

2020-06-19

source