Merge pull request #10030 from hashicorp/fix-ent-audit-log-bypass

Add synthetic enterprise entry for CVE-2021-28156
This commit is contained in:
Kent 'picat' Gruber 2021-04-14 20:08:51 -04:00 committed by hashicorp-ci
parent 10ca99b793
commit 065fe32c1b
1 changed files with 3 additions and 0 deletions

3
.changelog/_795.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:security
audit-logging: Parse endpoint URL to prevent requests from bypassing the audit log [CVE-2021-28156](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28156)
```