Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabilities enabling privilege escalation through the artifact stanza in submitted jobs onto the client agent host. Fixed in 1.1.14, 1.2.8, and 1.3.1.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Hashicorp Nomad 权限许可和访问控制问题漏洞
Vulnerability Description
Hashicorp Nomad是美国Hashicorp公司的一款分布式、数据中心感知的集群和应用程序调度程序。该程序支持部署微服务、批处理、容器化和非容器化应用程序。 Hashicorp Nomad 1.1.0 版本至1.1.13版本、1.2.0 版本至 1.2.7版本、1.1.0 版本至1.3.0 版本存在权限许可和访问控制问题漏洞,该漏洞源于没有在 go-getter 库中正确施加安全限制,攻击者可以利用该漏洞绕过安全限制和提权。
CVSS Information
N/A
Vulnerability Type
N/A