HashiCorp Sentinel up to 0.10.1 incorrectly parsed negation in certain policy expressions. Fixed in 0.10.2.
References
Link | Resource |
---|---|
https://discuss.hashicorp.com/t/security-bulletin-sentinel-incorrectly-parses-negation-in-certain-policy-expressions/5955 | Exploit Vendor Advisory |
https://discuss.hashicorp.com/t/security-bulletin-sentinel-incorrectly-parses-negation-in-certain-policy-expressions/5955 | Exploit Vendor Advisory |
Configurations
History
21 Nov 2024, 04:35
Type | Values Removed | Values Added |
---|---|---|
References | () https://discuss.hashicorp.com/t/security-bulletin-sentinel-incorrectly-parses-negation-in-certain-policy-expressions/5955 - Exploit, Vendor Advisory |
Information
Published : 2020-02-14 17:15
Updated : 2024-11-21 04:35
NVD link : CVE-2019-19879
Mitre link : CVE-2019-19879
CVE.ORG link : CVE-2019-19879
JSON object : View
Products Affected
hashicorp
- sentinel
CWE