HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is fixed in Nomad 1.6.13, 1.7.10, and 1.8.2.
References
Configurations
No configuration.
History
24 Jul 2024, 12:55
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
23 Jul 2024, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-23 01:15
Updated : 2024-07-24 12:55
NVD link : CVE-2024-6717
Mitre link : CVE-2024-6717
CVE.ORG link : CVE-2024-6717
JSON object : View
Products Affected
No product.
CWE
CWE-610
Externally Controlled Reference to a Resource in Another Sphere