CVE-2025-11375 – Consul’s event endpoint is vulnerable to denial of service

CVE ID : CVE-2025-11375

Published : Oct. 28, 2025, 8:12 p.m. | 33 minutes ago

Description : Consul and Consul Enterprise’s (“Consul”) event endpoint is vulnerable to denial of service (DoS) due to lack of maximum value on the Content Length header. This vulnerability, CVE-2025-11375, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…