CVE-2021-3283

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-3283

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3283.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-3283

Aliases

Related

UBUNTU-CVE-2021-3283

Published

2021-02-01T16:15:13Z

Modified

2025-02-19T03:20:51.389400Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks on the same node. Fixed in 0.12.10, and 1.0.3.

References

https://discuss.hashicorp.com/t/hcsec-2021-01-nomad-s-exec-and-java-task-drivers-did-not-isolate-processes/20332

Affected packages

Git / github.com/hashicorp/nomad

Affected ranges

Type: GIT
Repo: https://github.com/hashicorp/nomad
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

239be4e591feac949408d48fbd8446f9c54d9107

Affected versions

Other

show

v0.*

v0.0.0

v0.1.0

v0.1.1

v0.1.2

v0.10.0

v0.10.0-beta1

v0.10.0-rc1

v0.10.1

v0.10.2

v0.10.2-rc1

v0.11.2

v0.12.0

v0.12.0-rc1

v0.12.1

v0.12.2

v0.12.3

v0.12.4

v0.12.4-rc1

v0.12.5

v0.12.6

v0.12.7

v0.12.8

v0.12.9

v0.2.0

v0.2.1

v0.2.2

v0.2.3

v0.2.3-rc1

v0.3.0

v0.3.0-rc2

v0.3.1

v0.3.2

v0.3.2-rc1

v0.3.2-rc2

v0.3rc1

v0.4.0

v0.4.0-rc1

v0.4.0-rc2

v0.4.1

v0.4.1-rc1

v0.5.0

v0.5.0-rc1

v0.5.0-rc2

v0.5.1

v0.5.1-rc1

v0.5.1-rc2

v0.5.2

v0.5.2-rc1

v0.5.3

v0.5.3-rc1

v0.5.4

v0.5.5

v0.5.5-rc1

v0.5.5-rc2

v0.5.6

v0.5.6-rc1

v0.6.0

v0.6.0-rc1

v0.6.0-rc2

v0.6.1

v0.6.2

v0.6.3-rc1

v0.7.0

v0.7.0-rc1

v0.7.0-rc2

v0.7.0-rc3

v0.7.1

v0.7.1-rc1

v0.8.0

v0.8.0-rc1

v0.8.2

v0.8.3

v0.8.4

v0.8.4-rc1

v0.9.0

v0.9.0-beta1

v0.9.0-beta2

v0.9.0-beta3

v0.9.0-rc1

v0.9.0-rc2

v0.9.2

v0.9.2-rc1

v0.9.3

v0.9.4

v0.9.4-rc1