Количество 6
Количество 6
CVE-2024-7625
In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability, CVE-2024-7625, is fixed in Nomad 1.6.14, 1.7.11, and 1.8.3. Access or compromise of the Nomad client agent at the source allocation first is a prerequisite for leveraging this vulnerability.
CVE-2024-7625
In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability, CVE-2024-7625, is fixed in Nomad 1.6.14, 1.7.11, and 1.8.3. Access or compromise of the Nomad client agent at the source allocation first is a prerequisite for leveraging this vulnerability.
CVE-2024-7625
In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.1 ...
GHSA-25qx-vfw2-fw8r
Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking
BDU:2024-07001
Уязвимость оркестратора приложений Nomad, связанная с некорректным внешним управлением именем или путем файла при загрузке данных, позволяющая нарушителю создать архив, который распакует файл по путям за пределами предполагаемого каталога распределения
ROS-20240910-05
Уязвимость nomad
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-7625 In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability, CVE-2024-7625, is fixed in Nomad 1.6.14, 1.7.11, and 1.8.3. Access or compromise of the Nomad client agent at the source allocation first is a prerequisite for leveraging this vulnerability. | CVSS3: 5.8 | 0% Низкий | больше 1 года назад |
 | CVE-2024-7625 In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability, CVE-2024-7625, is fixed in Nomad 1.6.14, 1.7.11, and 1.8.3. Access or compromise of the Nomad client agent at the source allocation first is a prerequisite for leveraging this vulnerability. | CVSS3: 5.8 | 0% Низкий | больше 1 года назад |
| CVE-2024-7625 In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.1 ... | CVSS3: 5.8 | 0% Низкий | больше 1 года назад |
| GHSA-25qx-vfw2-fw8r Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking | CVSS3: 5.8 | 0% Низкий | больше 1 года назад |
 | BDU:2024-07001 Уязвимость оркестратора приложений Nomad, связанная с некорректным внешним управлением именем или путем файла при загрузке данных, позволяющая нарушителю создать архив, который распакует файл по путям за пределами предполагаемого каталога распределения | CVSS3: 5.8 | 0% Низкий | больше 1 года назад |
 | ROS-20240910-05 Уязвимость nomad | CVSS3: 5.8 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу