Описание
HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 0.10.3.
Ссылки
- Issue TrackingMitigationThird Party Advisory
- Vendor Advisory
- Issue TrackingMitigationThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.10.3 (исключая)Версия до 0.10.3 (исключая)
Одно из
cpe:2.3:a:hashicorp:nomad:*:*:*:*:-:*:*:*
cpe:2.3:a:hashicorp:nomad:*:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 73%
0.00772
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-770
Связанные уязвимости
CVSS3: 7.5
ubuntu
около 6 лет назад
HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 0.10.3.
CVSS3: 7.5
debian
около 6 лет назад
HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services al ...
CVSS3: 7.5
github
больше 4 лет назад
Allocation of Resources Without Limits or Throttling in HashiCorp Nomad
EPSS
Процентиль: 73%
0.00772
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-770