VulnerableCode Package Details - pkg:golang/github.com/hashicorp/consul@1.6.3

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:golang/github.com/hashicorp/consul@1.6.3

purl	pkg:golang/github.com/hashicorp/consul@1.6.3

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-gkgb-5g8x-7fgf	Denial of Service (DoS) in HashiCorp Consul HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3. ### Specific Go Packages Affected github.com/hashicorp/consul/agent/consul	CVE-2020-7219 GHSA-23jv-v6qj-3fhh
VCID-xzyq-wm1j-dkcu	Incorrect Authorization in HashiCorp Consul HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3.	CVE-2020-7955 GHSA-r9w6-rhh9-7v53

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:02:41.270288+00:00	GithubOSV Importer	Fixing	VCID-gkgb-5g8x-7fgf	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/05/GHSA-23jv-v6qj-3fhh/GHSA-23jv-v6qj-3fhh.json	38.0.0
2026-04-01T13:02:13.713268+00:00	GithubOSV Importer	Fixing	VCID-xzyq-wm1j-dkcu	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/07/GHSA-r9w6-rhh9-7v53/GHSA-r9w6-rhh9-7v53.json	38.0.0