Note:
This project will be discontinued after December 13, 2021. [more]
2020-01-31
HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3.
| Products | Consul |
| Type | Uncontrolled Resource Consumption (CWE-400) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://github.com/hashicorp/consul/issues/7159
• https://www.hashicorp.com/blog/category/consul/ |