CVE-2022-29153: Server-Side Request Forgery (SSRF)

April 19, 2022 (updated February 23, 2023)

HashiCorp Consul and Consul Enterprise through 2022-04-12 allow SSRF.

References

discuss.hashicorp.com/
discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/38393
nvd.nist.gov/vuln/detail/CVE-2022-29153

Code Behaviors & Features

Detect and mitigate CVE-2022-29153 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →