HashiCorp Nomad and Nomad Enterprise 1.0.2 up to 1.2.12, and 1.3.5 jobs submitted with an artifact stanza using invalid S3 or GCS URLs can be used to crash client agents. Fixed in 1.2.13, 1.3.6, and 1.4.0.
References
Link | Resource |
---|---|
https://discuss.hashicorp.com/t/hcsec-2022-22-nomad-panics-on-job-submission-with-bad-artifact-stanza-source-url/45420 | Vendor Advisory |
https://discuss.hashicorp.com | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2022-10-11 17:15
Updated : 2022-10-13 10:16
NVD link : CVE-2022-41606
Mitre link : CVE-2022-41606
JSON object : View
CWE
Products Affected
hashicorp
- nomad