Описание
HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Fixed in 1.4.2.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | DNE | |
| kinetic | DNE | |
| trusty | ignored | end of standard support |
| upstream | released | 1.4.2 |
| xenial | ignored | end of standard support |
Показывать по
10
5 Medium
CVSS3
Связанные уязвимости
CVSS3: 5
nvd
около 3 лет назад
HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Fixed in 1.4.2.
CVSS3: 5
debian
около 3 лет назад
HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identi ...
CVSS3: 5
github
около 3 лет назад
HashiCorp Nomad vulnerable to non-sensitive metadata exposure
5 Medium
CVSS3