x/vulndb: potential Go vuln in github.com/hashicorp/consul/agent: GHSA-p2j5-3f4c-224r

[GoVulnBot]

In GitHub Security Advisory GHSA-p2j5-3f4c-224r, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
github.com/hashicorp/consul/agent	1.7.4	>= 1.7.0, < 1.7.4

Cross references:

• CVE-2020-13170 appears in issue x/vulndb: potential Go vuln in github.com/hashicorp/consul/agent: GHSA-p2j5-3f4c-224r #859 NOT_IMPORTABLE
• GHSA-p2j5-3f4c-224r appears in issue x/vulndb: potential Go vuln in github.com/hashicorp/consul/agent: GHSA-p2j5-3f4c-224r #859 NOT_IMPORTABLE

See doc/triage.md for instructions on how to triage this report.

modules:
  - module: TODO
    versions:
      - introduced: 1.7.0
        fixed: 1.7.4
    packages:
      - package: github.com/hashicorp/consul/agent
  - module: TODO
    versions:
      - introduced: 1.6.0-beta1
        fixed: 1.6.6
    packages:
      - package: github.com/hashicorp/consul/agent
description: HashiCorp Consul and Consul Enterprise did not appropriately enforce
    scope for local tokens issued by a primary data center, where replication to a
    secondary data center was not enabled. Introduced in 1.4.0, fixed in 1.6.6 and
    1.7.4.
cves:
  - CVE-2020-13170
ghsas:
  - GHSA-p2j5-3f4c-224r

[tatianab]

Duplicate of #859