Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-24685

Опубликовано: 28 фев. 2022
Источник: debian

Описание

HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. Fixed in 1.0.18, 1.1.12, and 1.2.6.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
nomadremovedpackage

Примечания

  • https://discuss.hashicorp.com/t/hcsec-2022-03-nomad-malformed-job-parsing-results-in-excessive-cpu-usage/35561

  • https://github.com/hashicorp/nomad/issues/12038

Связанные уязвимости

ubuntu логотип

CVE-2022-24685

CVSS3: 7.5
ubuntu
почти 4 года назад

HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. Fixed in 1.0.18, 1.1.12, and 1.2.6.

nvd логотип

CVE-2022-24685

CVSS3: 7.5
nvd
почти 4 года назад

HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. Fixed in 1.0.18, 1.1.12, and 1.2.6.

github логотип

GHSA-3382-r9q8-4hfg

CVSS3: 7.5
github
почти 4 года назад

HashiCorp Nomad vulnerable to Allocation of Resources Without Limits or Throttling