3 matches found
UBUNTU-CVE-2022-24685
HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. Fixed in 1.0.18, 1.1.12, and 1.2.6...
PT-2022-16799 · Hashicorp · Nomad Enterprise +1
Name of the Vulnerable Software and Affected Versions: HashiCorp Nomad and Nomad Enterprise versions prior to 1.0.17 HashiCorp Nomad and Nomad Enterprise versions prior to 1.1.12 HashiCorp Nomad and Nomad Enterprise versions prior to 1.2.6 Description: The issue allows for invalid HCL for the job...
Nomad Malformed Job Parsing Results in Excessive CPU Usage
Summary Nomad and Nomad Enterprise “Nomad” allows anyone with access to Nomad’s API to submit HCL formatted jobs for parsing to return the equivalent JSON. This endpoint allowed malformed HCL configuration to be evaluated, resulting in excessive CPU usage on Nomad server agents. This vulnerabilit...