Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/consul@1.9.7-1
Typealpm
Namespacearchlinux
Nameconsul
Version1.9.7-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.9.8-1
Latest_non_vulnerable_version1.10.2-1
Affected_by_vulnerabilities
0
url VCID-65ru-yj23-qqbr
vulnerability_id VCID-65ru-yj23-qqbr
summary 
HashiCorp Consul L7 deny intention results in an allow action
In HashiCorp Consul before 1.10.1 (and Consul Enterprise), xds can generate a situation where a single L7 deny intention (with a default deny policy) results in an allow action.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-36213
reference_id
reference_type
scores
0
value 0.00765
scoring_system epss
scoring_elements 0.73478
published_at 2026-04-21T12:55:00Z
1
value 0.00765
scoring_system epss
scoring_elements 0.73383
published_at 2026-04-01T12:55:00Z
2
value 0.00765
scoring_system epss
scoring_elements 0.73392
published_at 2026-04-02T12:55:00Z
3
value 0.00765
scoring_system epss
scoring_elements 0.73414
published_at 2026-04-04T12:55:00Z
4
value 0.00765
scoring_system epss
scoring_elements 0.73387
published_at 2026-04-07T12:55:00Z
5
value 0.00765
scoring_system epss
scoring_elements 0.73424
published_at 2026-04-08T12:55:00Z
6
value 0.00765
scoring_system epss
scoring_elements 0.73437
published_at 2026-04-09T12:55:00Z
7
value 0.00765
scoring_system epss
scoring_elements 0.73461
published_at 2026-04-11T12:55:00Z
8
value 0.00765
scoring_system epss
scoring_elements 0.7344
published_at 2026-04-12T12:55:00Z
9
value 0.00765
scoring_system epss
scoring_elements 0.73433
published_at 2026-04-13T12:55:00Z
10
value 0.00765
scoring_system epss
scoring_elements 0.73475
published_at 2026-04-16T12:55:00Z
11
value 0.00765
scoring_system epss
scoring_elements 0.73484
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-36213
1
reference_url https://discuss.hashicorp.com/t/hcsec-2021-16-consul-s-application-aware-intentions-deny-action-fails-open-when-combined-with-default-deny-policy/26855
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://discuss.hashicorp.com/t/hcsec-2021-16-consul-s-application-aware-intentions-deny-action-fails-open-when-combined-with-default-deny-policy/26855
2
reference_url https://github.com/hashicorp/consul
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul
3
reference_url https://github.com/hashicorp/consul/releases/tag/v1.10.1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/releases/tag/v1.10.1
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-36213
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-36213
5
reference_url https://security.gentoo.org/glsa/202208-09
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202208-09
6
reference_url https://www.hashicorp.com/blog/category/consul
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.hashicorp.com/blog/category/consul
7
reference_url https://security.archlinux.org/ASA-202107-69
reference_id ASA-202107-69
reference_type
scores
url https://security.archlinux.org/ASA-202107-69
8
reference_url https://security.archlinux.org/AVG-2171
reference_id AVG-2171
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2171
fixed_packages
0
url pkg:alpm/archlinux/consul@1.9.8-1
purl pkg:alpm/archlinux/consul@1.9.8-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/consul@1.9.8-1
aliases CVE-2021-36213, GHSA-8h2g-r292-j8xh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-65ru-yj23-qqbr
1
url VCID-jfzf-ynb1-23bs
vulnerability_id VCID-jfzf-ynb1-23bs
summary 
Hashicorp Consul Missing SSL Certificate Validation
HashiCorp Consul before 1.10.1 (and Consul Enterprise) has Missing SSL Certificate Validation. xds does not ensure that the Subject Alternative Name of an upstream is validated.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32574
reference_id
reference_type
scores
0
value 0.00802
scoring_system epss
scoring_elements 0.74093
published_at 2026-04-12T12:55:00Z
1
value 0.00802
scoring_system epss
scoring_elements 0.74124
published_at 2026-04-21T12:55:00Z
2
value 0.00802
scoring_system epss
scoring_elements 0.74045
published_at 2026-04-02T12:55:00Z
3
value 0.00802
scoring_system epss
scoring_elements 0.7407
published_at 2026-04-04T12:55:00Z
4
value 0.00802
scoring_system epss
scoring_elements 0.74042
published_at 2026-04-07T12:55:00Z
5
value 0.00802
scoring_system epss
scoring_elements 0.74075
published_at 2026-04-08T12:55:00Z
6
value 0.00802
scoring_system epss
scoring_elements 0.74089
published_at 2026-04-09T12:55:00Z
7
value 0.00802
scoring_system epss
scoring_elements 0.74111
published_at 2026-04-11T12:55:00Z
8
value 0.00802
scoring_system epss
scoring_elements 0.74134
published_at 2026-04-18T12:55:00Z
9
value 0.00802
scoring_system epss
scoring_elements 0.74125
published_at 2026-04-16T12:55:00Z
10
value 0.00802
scoring_system epss
scoring_elements 0.74039
published_at 2026-04-01T12:55:00Z
11
value 0.00802
scoring_system epss
scoring_elements 0.74086
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32574
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32574
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32574
2
reference_url https://discuss.hashicorp.com/t/hcsec-2021-17-consul-s-envoy-tls-configuration-did-not-validate-destination-service-subject-alternative-names/26856
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://discuss.hashicorp.com/t/hcsec-2021-17-consul-s-envoy-tls-configuration-did-not-validate-destination-service-subject-alternative-names/26856
3
reference_url https://github.com/hashicorp/consul/releases/tag/v1.10.1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/releases/tag/v1.10.1
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-32574
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-32574
5
reference_url https://security.gentoo.org/glsa/202208-09
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202208-09
6
reference_url https://www.hashicorp.com/blog/category/consul
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.hashicorp.com/blog/category/consul
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991719
reference_id 991719
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991719
8
reference_url https://security.archlinux.org/ASA-202107-69
reference_id ASA-202107-69
reference_type
scores
url https://security.archlinux.org/ASA-202107-69
9
reference_url https://security.archlinux.org/AVG-2171
reference_id AVG-2171
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2171
fixed_packages
0
url pkg:alpm/archlinux/consul@1.9.8-1
purl pkg:alpm/archlinux/consul@1.9.8-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/consul@1.9.8-1
aliases CVE-2021-32574, GHSA-25gf-8qrr-g78r
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jfzf-ynb1-23bs
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/consul@1.9.7-1