CVE-2022-41606

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-41606

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-41606.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-41606

Aliases

Related

UBUNTU-CVE-2022-41606

Published

2022-10-12T00:15:10Z

Modified

2025-01-14T11:11:26.752252Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

HashiCorp Nomad and Nomad Enterprise 1.0.2 up to 1.2.12, and 1.3.5 jobs submitted with an artifact stanza using invalid S3 or GCS URLs can be used to crash client agents. Fixed in 1.2.13, 1.3.6, and 1.4.0.

References

Affected packages

Git / github.com/hashicorp/nomad

Affected ranges

Type: GIT
Repo: https://github.com/hashicorp/nomad
Events: Introduced

52e95d64113e01be05d585d8b4c07f6f19efebbc

Fixed

3076d2b2f087cbcffd54cdcdd0e60bacad2cc6f5

Affected versions

v1.*

v1.3.0

v1.3.1

v1.3.2

v1.3.3

v1.3.4

v1.3.5