Количество 6
Количество 6
CVE-2024-7625
In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability, CVE-2024-7625, is fixed in Nomad 1.6.14, 1.7.11, and 1.8.3. Access or compromise of the Nomad client agent at the source allocation first is a prerequisite for leveraging this vulnerability.
CVE-2024-7625
In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability, CVE-2024-7625, is fixed in Nomad 1.6.14, 1.7.11, and 1.8.3. Access or compromise of the Nomad client agent at the source allocation first is a prerequisite for leveraging this vulnerability.
CVE-2024-7625
In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.1 ...
ROS-20240910-05
Уязвимость nomad
GHSA-25qx-vfw2-fw8r
Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking
BDU:2024-07001
Уязвимость оркестратора приложений Nomad, связанная с некорректным внешним управлением именем или путем файла при загрузке данных, позволяющая нарушителю создать архив, который распакует файл по путям за пределами предполагаемого каталога распределения
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-7625 In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability, CVE-2024-7625, is fixed in Nomad 1.6.14, 1.7.11, and 1.8.3. Access or compromise of the Nomad client agent at the source allocation first is a prerequisite for leveraging this vulnerability. | CVSS3: 5.8 | 0% Низкий | около 1 года назад |
 | CVE-2024-7625 In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability, CVE-2024-7625, is fixed in Nomad 1.6.14, 1.7.11, and 1.8.3. Access or compromise of the Nomad client agent at the source allocation first is a prerequisite for leveraging this vulnerability. | CVSS3: 5.8 | 0% Низкий | около 1 года назад |
| CVE-2024-7625 In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.1 ... | CVSS3: 5.8 | 0% Низкий | около 1 года назад |
 | ROS-20240910-05 Уязвимость nomad | CVSS3: 5.8 | 0% Низкий | около 1 года назад |
| GHSA-25qx-vfw2-fw8r Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking | CVSS3: 5.8 | 0% Низкий | около 1 года назад |
 | BDU:2024-07001 Уязвимость оркестратора приложений Nomad, связанная с некорректным внешним управлением именем или путем файла при загрузке данных, позволяющая нарушителю создать архив, который распакует файл по путям за пределами предполагаемого каталога распределения | CVSS3: 5.8 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу