HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas. Fixed in 0.12.6, 0.11.5, and 0.10.6
References
Link | Resource |
---|---|
https://github.com/hashicorp/nomad/blob/master/CHANGELOG.md#0126-october-21-2020 | Release Notes Third Party Advisory |
https://www.nomadproject.io/downloads | Product |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2020-10-22 17:15
Updated : 2024-02-28 18:08
NVD link : CVE-2020-27195
Mitre link : CVE-2020-27195
CVE.ORG link : CVE-2020-27195
JSON object : View
Products Affected
hashicorp
- nomad
CWE