HashiCorp Nomad 0.5.0 through 0.9.4 (fixed in 0.9.5) reveals unintended environment variables to the rendering task during template rendering, aka GHSA-6hv3-7c34-4hx8. This applies to nomad/client/allocrunner/taskrunner/template.
References
Link | Resource |
---|---|
https://advisories.gitlab.com/advisory/advgo_github_com_hashicorp_nomad_client_allocrunner_taskrunner_template_GMS_2022_818.html | Third Party Advisory |
https://www.hashicorp.com/blog/category/nomad | Product Vendor Advisory |
https://advisories.gitlab.com/advisory/advgo_github_com_hashicorp_nomad_client_allocrunner_taskrunner_template_GMS_2022_818.html | Third Party Advisory |
https://www.hashicorp.com/blog/category/nomad | Product Vendor Advisory |
Configurations
History
21 Nov 2024, 04:27
Type | Values Removed | Values Added |
---|---|---|
References | () https://advisories.gitlab.com/advisory/advgo_github_com_hashicorp_nomad_client_allocrunner_taskrunner_template_GMS_2022_818.html - Third Party Advisory | |
References | () https://www.hashicorp.com/blog/category/nomad - Product, Vendor Advisory |
Information
Published : 2022-12-26 21:15
Updated : 2024-11-21 04:27
NVD link : CVE-2019-14802
Mitre link : CVE-2019-14802
CVE.ORG link : CVE-2019-14802
JSON object : View
Products Affected
hashicorp
- nomad
CWE