CVE-2022-24685

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-24685

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24685.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-24685

Aliases

Downstream

UBUNTU-CVE-2022-24685

Published

2022-02-28T14:15:08.497Z

Modified

2026-02-10T04:35:24.972642Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. Fixed in 1.0.18, 1.1.12, and 1.2.6.

References

Affected packages

Git / github.com/hashicorp/nomad

Affected ranges

Type: GIT
Repo: https://github.com/hashicorp/nomad
Events: Introduced

f99f1e27bb66bee36a1f3cdf00335e81e93ffff2

Fixed

8469293aa07056a0f8682e76716e12f0178fe4c8

Introduced

bee0c3e04eb4ce34b8ac22ff27fcb421a9dccec5

Fixed

95514d569610f15ce49b4a7a1a6bfd3e7b3e7b4f

Affected versions

v1.*

v1.1.0

v1.1.2

v1.1.3

v1.2.0

v1.2.1

v1.2.2

v1.2.3

v1.2.4

v1.2.5

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24685.json"