VYPR
High severityNVD Advisory· Published Oct 30, 2024· Updated Jan 10, 2025

Consul L7 Intentions Vulnerable To URL Path Bypass

CVE-2024-10005

Description

A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/hashicorp/consulGo
>= 1.9.0, < 1.20.11.20.1

Affected products

30

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.