vulnerability

FreeBSD: VID-093a6baf-9f99-11eb-b150-000c292ee6b8 (CVE-2021-28156): Consul -- Multiple vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Apr 17, 2021

Added

Nov 4, 2022

Modified

Mar 25, 2026

Description

Hashicorp reports: Add content-type headers to raw KV responses to prevent XSS attacks (CVE-2020-25864). audit-logging: Parse endpoint URL to prevent requests from bypassing the audit log (CVE-2021-28156).

Solution

freebsd-upgrade-package-consul

References

CVE-2021-28156
https://attackerkb.com/topics/CVE-2021-28156
EUVD-EUVD-2021-14854
https://euvd.enisa.europa.eu/vulnerability/EUVD-2021-14854

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report