0.001 Low
EPSS
Percentile
30.9%
A flaw was found in the HashiCorp Nomad package. A job submitted with a maliciously compressed source (for example, “Zip Bomb”) in an artifact stanza can cause excessive disk resource consumption, crashing a Nomad client agent.
bugzilla.redhat.com/show_bug.cgi?id=2170843
discuss.hashicorp.com/t/hcsec-2023-05-nomad-client-vulnerable-to-decompression-bombs-in-artifact-block/50292
nvd.nist.gov/vuln/detail/CVE-2023-0821
www.cve.org/CVERecord?id=CVE-2023-0821