VDB
DEBIAN-CVE-2025-11375
DEBIAN-CVE-2025-11375
PUBLISHED
CVSS 6.5 MEDIUM
Consul and Consul Enterprise’s (“Consul”) event endpoint is vulnerable to denial of service (DoS) due to lack of maximum value on the Content Length header. This vulnerability, CVE-2025-11375, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12.
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | consul | 0, 1.10.12+dfsg1-1, 1.8.7+dfsg1-2 |
Timeline
- Oct 28, 2025 CVE Published
- Apr 28, 2026 CVE Updated