Hashicorp Consul 1.13.1 Enterprise Edition

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:hashicorp:consul:1.13.1:*:*:*:enterprise:*:*:*

part: a version: 1.13.1 update: *

VendorHashicorp (dc524c16-6a01-528e-a41c-9d3e02e5e4a3)
ProductConsul (5323a3d1-770c-5792-8baa-0ccc723628c6)
Edition*
Language*
Software editionenterprise
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:deb/debian/consul purl2cpe 2026-06-01 10:14:57.185548
pkg:deb/ubuntu/consul purl2cpe 2026-06-01 10:14:57.185549
pkg:github/hashicorp/consul purl2cpe 2026-06-01 10:14:57.185550

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2021-41803 vulnerable 2026-06-03 14:45:26.252357 Details available
HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2."
Published: 2022-09-23T00:00:00.000Z
Updated: 2025-05-27T15:22:09.400Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.