CVE-2020-27195

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-27195

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-27195.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-27195

Aliases

Related

UBUNTU-CVE-2020-27195

Published

2020-10-22T17:15:12Z

Modified

2025-02-19T03:10:32.897480Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator

Summary

[none]

Details

HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas. Fixed in 0.12.6, 0.11.5, and 0.10.6

References

Affected packages

Git / github.com/hashicorp/nomad

Affected ranges

Type: GIT
Repo: https://github.com/hashicorp/nomad
Events: Introduced

ca5cd15eeffd40b68043c94eefff1ec7e6dc703f

Last affected

3c6abec8d4a5c1af96ac3e1910a90949390dea19

Introduced

b1aa9e2166e72b75d7e0ed39ff456393beb0f421

Last affected

ec7bf9de21bfe3623ff04b009f26aaf488bae2b1

Introduced

28e768721992df5097203eea6e2b247abd56ca6f

Last affected

fce99f12a297c9f83160450bc632611877e07873

Affected versions

v0.*

v0.10.0

v0.10.0-beta1

v0.10.0-rc1

v0.10.1

v0.10.2

v0.10.2-rc1

v0.10.4

v0.10.5

v0.11.2

v0.11.3

v0.11.4

v0.12.0

v0.12.1

v0.12.2

v0.12.3

v0.12.4

v0.12.4-rc1

v0.12.5

v0.9.0

v0.9.2

v0.9.2-rc1

v0.9.3

v0.9.4

v0.9.4-rc1