Wind River Support Network

HomeDefectsLIN1019-8840
Fixed

LIN1019-8840 : Security Advisory - consul - CVE-2021-41803

Created: Sep 21, 2022    Updated: Sep 27, 2022
Resolved Date: Sep 27, 2022
Found In Version: 10.19.45.1
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Userspace

Description

HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2.

https://nvd.nist.gov/vuln/detail/CVE-2021-41803
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube