VYPR

Consul Template

by Hashicorp

Source repositories

CVEs (2)

  • CVE-2026-5061MedMay 12, 2026
    risk 0.24cvss 4.7epss 0.00

    The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability (CVE-2026-5061) is fixed in consul-template 0.42.0.

  • CVE-2022-38149Aug 17, 2022
    risk 0.00cvss epss 0.01

    HashiCorp Consul Template up to 0.27.2, 0.28.2, and 0.29.1 may expose the contents of Vault secrets in the error returned by the *template.Template.Execute method, when given a template using Vault secret contents incorrectly. Fixed in 0.27.3, 0.28.3, and 0.29.2.

VYPR — Vulnerability Intelligence