Описание
HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed image paths. Fixed in 1.0.14, 1.1.8, and 1.2.1.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | DNE | |
| focal | ignored | end of standard support, was needs-triage |
| hirsute | ignored | end of life |
| impish | DNE | |
| jammy | DNE |
Показывать по
EPSS
6 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed image paths. Fixed in 1.0.14, 1.1.8, and 1.2.1.
HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed image paths. Fixed in 1.0.14, 1.1.8, and 1.2.1.
HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, w ...
EPSS
6 Medium
CVSS2
8.8 High
CVSS3