Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:golang/github.com/hashicorp/consul@1.6.6
Typegolang
Namespacegithub.com/hashicorp
Nameconsul
Version1.6.6
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.6.10
Latest_non_vulnerable_version1.22.5
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2dmf-rj8w-xycm
vulnerability_id VCID-2dmf-rj8w-xycm
summary 
Denial of Service (DoS) in HashiCorp Consul
HashiCorp Consul and Consul Enterprise could crash when configured with an abnormally-formed service-router entry. Introduced in 1.6.0, fixed in 1.6.6 and 1.7.4.
### Specific Go Packages Affected
github.com/hashicorp/consul/agent/consul/discoverychain
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12758
reference_id
reference_type
scores
0
value 0.0063
scoring_system epss
scoring_elements 0.70367
published_at 2026-04-29T12:55:00Z
1
value 0.0063
scoring_system epss
scoring_elements 0.70265
published_at 2026-04-08T12:55:00Z
2
value 0.0063
scoring_system epss
scoring_elements 0.7028
published_at 2026-04-09T12:55:00Z
3
value 0.0063
scoring_system epss
scoring_elements 0.70304
published_at 2026-04-11T12:55:00Z
4
value 0.0063
scoring_system epss
scoring_elements 0.70289
published_at 2026-04-12T12:55:00Z
5
value 0.0063
scoring_system epss
scoring_elements 0.70276
published_at 2026-04-13T12:55:00Z
6
value 0.0063
scoring_system epss
scoring_elements 0.70317
published_at 2026-04-16T12:55:00Z
7
value 0.0063
scoring_system epss
scoring_elements 0.70326
published_at 2026-04-18T12:55:00Z
8
value 0.0063
scoring_system epss
scoring_elements 0.70308
published_at 2026-04-21T12:55:00Z
9
value 0.0063
scoring_system epss
scoring_elements 0.70361
published_at 2026-04-24T12:55:00Z
10
value 0.0063
scoring_system epss
scoring_elements 0.70369
published_at 2026-04-26T12:55:00Z
11
value 0.0063
scoring_system epss
scoring_elements 0.70212
published_at 2026-04-01T12:55:00Z
12
value 0.0063
scoring_system epss
scoring_elements 0.70225
published_at 2026-04-02T12:55:00Z
13
value 0.0063
scoring_system epss
scoring_elements 0.70242
published_at 2026-04-04T12:55:00Z
14
value 0.0063
scoring_system epss
scoring_elements 0.70219
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12758
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12758
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12758
2
reference_url https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md
3
reference_url https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
4
reference_url https://github.com/hashicorp/consul/commit/69b44fb9424cfdc05f1b7243876ab10d236ef1fc
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/commit/69b44fb9424cfdc05f1b7243876ab10d236ef1fc
5
reference_url https://github.com/hashicorp/consul/pull/7783
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/pull/7783
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-12758
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-12758
fixed_packages
0
url pkg:golang/github.com/hashicorp/consul@1.6.6
purl pkg:golang/github.com/hashicorp/consul@1.6.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/hashicorp/consul@1.6.6
1
url pkg:golang/github.com/hashicorp/consul@1.7.4
purl pkg:golang/github.com/hashicorp/consul@1.7.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/hashicorp/consul@1.7.4
aliases CVE-2020-12758, GHSA-q2qr-3c2p-9235
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2dmf-rj8w-xycm
1
url VCID-cqzz-az3e-kych
vulnerability_id VCID-cqzz-az3e-kych
summary 
Improper Input Validation in HashiCorp Consul
HashiCorp Consul and Consul Enterprise did not appropriately enforce scope for local tokens issued by a primary data center, where replication to a secondary data center was not enabled. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.
### Specific Go Packages Affected
github.com/hashicorp/consul/agent
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13170
reference_id
reference_type
scores
0
value 0.00514
scoring_system epss
scoring_elements 0.66628
published_at 2026-04-29T12:55:00Z
1
value 0.00514
scoring_system epss
scoring_elements 0.66515
published_at 2026-04-07T12:55:00Z
2
value 0.00514
scoring_system epss
scoring_elements 0.66564
published_at 2026-04-08T12:55:00Z
3
value 0.00514
scoring_system epss
scoring_elements 0.66578
published_at 2026-04-09T12:55:00Z
4
value 0.00514
scoring_system epss
scoring_elements 0.66597
published_at 2026-04-11T12:55:00Z
5
value 0.00514
scoring_system epss
scoring_elements 0.66585
published_at 2026-04-12T12:55:00Z
6
value 0.00514
scoring_system epss
scoring_elements 0.66553
published_at 2026-04-13T12:55:00Z
7
value 0.00514
scoring_system epss
scoring_elements 0.66588
published_at 2026-04-16T12:55:00Z
8
value 0.00514
scoring_system epss
scoring_elements 0.66606
published_at 2026-04-18T12:55:00Z
9
value 0.00514
scoring_system epss
scoring_elements 0.66589
published_at 2026-04-21T12:55:00Z
10
value 0.00514
scoring_system epss
scoring_elements 0.66613
published_at 2026-04-24T12:55:00Z
11
value 0.00514
scoring_system epss
scoring_elements 0.6648
published_at 2026-04-01T12:55:00Z
12
value 0.00514
scoring_system epss
scoring_elements 0.66519
published_at 2026-04-02T12:55:00Z
13
value 0.00514
scoring_system epss
scoring_elements 0.66544
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13170
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13170
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13170
2
reference_url https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md
3
reference_url https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
4
reference_url https://github.com/hashicorp/consul/commit/242994a016a181d6c62a5bb83189716ad13d4216
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/commit/242994a016a181d6c62a5bb83189716ad13d4216
5
reference_url https://github.com/hashicorp/consul/pull/8068
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/pull/8068
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13170
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13170
fixed_packages
0
url pkg:golang/github.com/hashicorp/consul@1.6.6
purl pkg:golang/github.com/hashicorp/consul@1.6.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/hashicorp/consul@1.6.6
1
url pkg:golang/github.com/hashicorp/consul@1.7.4
purl pkg:golang/github.com/hashicorp/consul@1.7.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/hashicorp/consul@1.7.4
aliases CVE-2020-13170, GHSA-p2j5-3f4c-224r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cqzz-az3e-kych
2
url VCID-jm2d-ejbf-qfhz
vulnerability_id VCID-jm2d-ejbf-qfhz
summary 
Allocation of Resources Without Limits or Throttling in Hashicorp Consul
HashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced in 1.4.3) caching feature that was vulnerable to denial of service.

### Specific Go Packages Affected
github.com/hashicorp/consul/agent/config

### Fix
The vulnerability is fixed in versions 1.6.6 and 1.7.4.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13250
reference_id
reference_type
scores
0
value 0.00867
scoring_system epss
scoring_elements 0.75231
published_at 2026-04-29T12:55:00Z
1
value 0.00867
scoring_system epss
scoring_elements 0.75142
published_at 2026-04-04T12:55:00Z
2
value 0.00867
scoring_system epss
scoring_elements 0.75119
published_at 2026-04-07T12:55:00Z
3
value 0.00867
scoring_system epss
scoring_elements 0.75153
published_at 2026-04-13T12:55:00Z
4
value 0.00867
scoring_system epss
scoring_elements 0.75165
published_at 2026-04-12T12:55:00Z
5
value 0.00867
scoring_system epss
scoring_elements 0.75187
published_at 2026-04-11T12:55:00Z
6
value 0.00867
scoring_system epss
scoring_elements 0.7519
published_at 2026-04-16T12:55:00Z
7
value 0.00867
scoring_system epss
scoring_elements 0.75197
published_at 2026-04-18T12:55:00Z
8
value 0.00867
scoring_system epss
scoring_elements 0.75186
published_at 2026-04-21T12:55:00Z
9
value 0.00867
scoring_system epss
scoring_elements 0.75224
published_at 2026-04-24T12:55:00Z
10
value 0.00867
scoring_system epss
scoring_elements 0.75228
published_at 2026-04-26T12:55:00Z
11
value 0.00867
scoring_system epss
scoring_elements 0.75109
published_at 2026-04-01T12:55:00Z
12
value 0.00867
scoring_system epss
scoring_elements 0.75112
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13250
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13250
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13250
2
reference_url https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md
3
reference_url https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
4
reference_url https://github.com/hashicorp/consul/commit/72f92ae7ca4cabc1dc3069362a9b64ef46941432
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/commit/72f92ae7ca4cabc1dc3069362a9b64ef46941432
5
reference_url https://github.com/hashicorp/consul/pull/8023
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/pull/8023
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13250
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13250
fixed_packages
0
url pkg:golang/github.com/hashicorp/consul@1.6.6
purl pkg:golang/github.com/hashicorp/consul@1.6.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/hashicorp/consul@1.6.6
1
url pkg:golang/github.com/hashicorp/consul@1.7.4
purl pkg:golang/github.com/hashicorp/consul@1.7.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/hashicorp/consul@1.7.4
aliases CVE-2020-13250, GHSA-rqjq-mrgx-85hp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jm2d-ejbf-qfhz
3
url VCID-th2f-96u1-syhg
vulnerability_id VCID-th2f-96u1-syhg
summary 
Incorrect Permission Assignment for Critical Resource	in Hashicorp Consul
HashiCorp Consul and Consul Enterprise failed to enforce changes to legacy ACL token rules due to non-propagation to secondary data centers. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4.
### Specific Go Packages Affected
github.com/hashicorp/consul/agent/structs
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12797
reference_id
reference_type
scores
0
value 0.00407
scoring_system epss
scoring_elements 0.6117
published_at 2026-04-29T12:55:00Z
1
value 0.00407
scoring_system epss
scoring_elements 0.61129
published_at 2026-04-04T12:55:00Z
2
value 0.00407
scoring_system epss
scoring_elements 0.61095
published_at 2026-04-07T12:55:00Z
3
value 0.00407
scoring_system epss
scoring_elements 0.61143
published_at 2026-04-08T12:55:00Z
4
value 0.00407
scoring_system epss
scoring_elements 0.61158
published_at 2026-04-09T12:55:00Z
5
value 0.00407
scoring_system epss
scoring_elements 0.61178
published_at 2026-04-11T12:55:00Z
6
value 0.00407
scoring_system epss
scoring_elements 0.61165
published_at 2026-04-12T12:55:00Z
7
value 0.00407
scoring_system epss
scoring_elements 0.61146
published_at 2026-04-13T12:55:00Z
8
value 0.00407
scoring_system epss
scoring_elements 0.61186
published_at 2026-04-16T12:55:00Z
9
value 0.00407
scoring_system epss
scoring_elements 0.61192
published_at 2026-04-18T12:55:00Z
10
value 0.00407
scoring_system epss
scoring_elements 0.61173
published_at 2026-04-21T12:55:00Z
11
value 0.00407
scoring_system epss
scoring_elements 0.61162
published_at 2026-04-24T12:55:00Z
12
value 0.00407
scoring_system epss
scoring_elements 0.61177
published_at 2026-04-26T12:55:00Z
13
value 0.00407
scoring_system epss
scoring_elements 0.61023
published_at 2026-04-01T12:55:00Z
14
value 0.00407
scoring_system epss
scoring_elements 0.61101
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12797
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12797
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12797
2
reference_url https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/blob/v1.6.6/CHANGELOG.md
3
reference_url https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
4
reference_url https://github.com/hashicorp/consul/commit/98eea08d3ba1b220a14cf6eedf3b6b07ae2795d7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/commit/98eea08d3ba1b220a14cf6eedf3b6b07ae2795d7
5
reference_url https://github.com/hashicorp/consul/issues/5606
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/issues/5606
6
reference_url https://github.com/hashicorp/consul/pull/8047
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/consul/pull/8047
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-12797
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-12797
fixed_packages
0
url pkg:golang/github.com/hashicorp/consul@1.6.6
purl pkg:golang/github.com/hashicorp/consul@1.6.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/hashicorp/consul@1.6.6
1
url pkg:golang/github.com/hashicorp/consul@1.7.4
purl pkg:golang/github.com/hashicorp/consul@1.7.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/hashicorp/consul@1.7.4
aliases CVE-2020-12797, GHSA-hwqm-x785-qh8p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-th2f-96u1-syhg
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:golang/github.com/hashicorp/consul@1.6.6