Primary

Context

HashiCorp Consul-Template Sandbox Path Bypass Vulnerability Allowing Out-of-Sandbox File Access

Vulnerability

Patched

A sandbox path bypass vulnerability has been identified in the HashiCorp Consul-Template library, affecting versions prior to 0.42.0. The issue arises in the file template helper, where the sandbox_path restriction can be circumvented, potentially allowing the reading of files outside the designated safe directory. This vulnerability creates a time-of-check time-of-use gap, enabling an attacker to exploit symlinks to access unauthorized files.

Impact

Exploitation of this vulnerability could lead to unauthorized access to files outside the designated sandbox path, potentially exposing sensitive information.

Remediation

Users are advised to upgrade to Consul-Template version 0.42.0.

Added: May 12, 2026, 3:29 PM

Updated: May 12, 2026, 3:29 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

3.3

remediation

7.7

relevance

8.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

3.3

remediation

7.7

relevance

8.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HashiCorp Consul-Template Sandbox Path Bypass Vulnerability Allowing Out-of-Sandbox File Access

Vulnerability

Impact

Remediation

Affected Products

HashiCorp consul-template

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating