Affected by GO-2022-0559
and 14 other vulnerabilities
GO-2022-0559: HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. in github.com/hashicorp/consul
GO-2022-0593: HashiCorp Consul Privilege Escalation Vulnerability in github.com/hashicorp/consul
GO-2022-0615: Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector in github.com/hashicorp/consul
GO-2022-0776: Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul
GO-2022-0859: Improper Input Validation in HashiCorp Consul in github.com/hashicorp/consul
GO-2022-0861: Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul
GO-2022-0874: Incorrect Authorization in HashiCorp Consul in github.com/hashicorp/consul
GO-2022-0879: Allocation of Resources Without Limits or Throttling in Hashicorp Consul in github.com/hashicorp/consul
GO-2022-0894: Hashicorp Consul Missing SSL Certificate Validation in github.com/hashicorp/consul
GO-2022-0895: HashiCorp Consul L7 deny intention results in an allow action in github.com/hashicorp/consul
GO-2022-1029: HashiCorp Consul vulnerable to authorization bypass in github.com/hashicorp/consul
GO-2023-1827: Hashicorp Consul vulnerable to denial of service in github.com/hashicorp/consul
GO-2023-1851: HashiCorp Consul Cross-site Scripting vulnerability in github.com/hashicorp/consul
GO-2024-2505: Privilege Escalation in HashiCorp Consul in github.com/hashicorp/consul
GO-2024-3242: Hashicorp Consul Cross-site Scripting vulnerability in github.com/hashicorp/consul
Compile assembles a discovery chain in the form of a graph of nodes using
raw config entries and local context.
"Node" referenced in this file refers to a node in a graph and not to the
Consul construct called a "Node".
Omitting router and splitter entries for services not using an L7 protocol
(like HTTP) happens during initial fetching, but for sanity purposes a quick
reinforcement of that happens here, too.
May return a *structs.ConfigEntryGraphError, but that is only expected when
being used to validate modifications to the config entry graph. It should
not be expected when compiling existing entries at runtime that are already
valid.