GHSA-7v3g-4878-5qrf
Suggest an improvement- Source
- https://github.com/advisories/GHSA-7v3g-4878-5qrf
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/10/GHSA-7v3g-4878-5qrf/GHSA-7v3g-4878-5qrf.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-7v3g-4878-5qrf
- Aliases
- Published
- 2022-10-12T12:00:21Z
- Modified
- 2024-08-21T16:28:55.237633Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Nomad Panics On Job Submission With Bad Artifact Stanza Source URL
- Details
-
HashiCorp Nomad and Nomad Enterprise 1.0.2 up to 1.2.12, and 1.3.5 jobs submitted with an artifact stanza using invalid S3 or GCS URLs can be used to crash client agents. Fixed in 1.2.13, 1.3.6, and 1.4.0.
- Database specific
{ "nvd_published_at": "2022-10-12T00:15:00Z", "cwe_ids": [], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2022-10-12T20:03:06Z" }- References
Affected packages
Go / github.com/hashicorp/nomad
Package
- Name
- github.com/hashicorp/nomad
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/hashicorp/nomad
Go / github.com/hashicorp/nomad
Package
- Name
- github.com/hashicorp/nomad
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/hashicorp/nomad