luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

Merge pull request #10030 from hashicorp/fix-ent-audit-log-bypass 

Add synthetic enterprise entry for CVE-2021-28156
This commit is contained in:
Kent 'picat' Gruber 2021-04-14 20:08:51 -04:00 committed by GitHub
parent 2998db9cda 78ce699787
commit 7e9bcb06ca
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.changelog/_795.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:security
audit-logging: Parse endpoint URL to prevent requests from bypassing the audit log [CVE-2021-28156](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28156)
```