HashiCorp Nomad 0.5.0 through 0.9.4 (fixed in 0.9.5) reveals unintended environment variables to the rendering task during template rendering, aka GHSA-6hv3-7c34-4hx8. This applies to nomad/client/allocrunner/taskrunner/template.
References
Link | Resource |
---|---|
https://advisories.gitlab.com/advisory/advgo_github_com_hashicorp_nomad_client_allocrunner_taskrunner_template_GMS_2022_818.html | Third Party Advisory |
https://www.hashicorp.com/blog/category/nomad | Product Vendor Advisory |
Configurations
History
No history.
Information
Published : 2022-12-26 21:15
Updated : 2024-02-28 19:51
NVD link : CVE-2019-14802
Mitre link : CVE-2019-14802
CVE.ORG link : CVE-2019-14802
JSON object : View
Products Affected
hashicorp
- nomad
CWE