HashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced in 1.4.3) caching feature that was vulnerable to denial of service.
github.com/hashicorp/consul/agent/config
The vulnerability is fixed in versions 1.6.6 and 1.7.4.