Vulnerability
CVE-2022-29153
[CVE-2022-29153] CWE-918: Server-Side Request Forgery (SSRF)
Description
HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5.
Deviation Notice:
Sonatype's research suggests that this CVE's details differ from those
defined at NVD or other reporting sources; sign in for details.
Sign up and see:
Detailed deviation notices:
- Detailed deviations
- References
- Custom Descriptions [Coming Soon]