CVE-2022-24685

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-24685
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24685.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-24685
Aliases
Related
Published
2022-02-28T14:15:08Z
Modified
2025-02-19T03:28:06.000643Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. Fixed in 1.0.18, 1.1.12, and 1.2.6.

References

Affected packages

Git / github.com/hashicorp/nomad

Affected ranges

Type
GIT
Repo
https://github.com/hashicorp/nomad
Events

Affected versions

v1.*

v1.1.0
v1.1.10
v1.1.11
v1.1.2
v1.1.3
v1.1.4
v1.1.5
v1.1.6
v1.1.7
v1.1.8
v1.1.9