CVE-2023-0821 — Improper Handling of Highly Compressed Data (Data Amplification) in Hashicorp Nomad
Severity
6.5MEDIUMNVD
EPSS
0.5%
top 36.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 16
Latest updateAug 20
Description
HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source can cause excessive disk usage. Fixed in 1.2.16, 1.3.9, and 1.4.4.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6
Affected Packages4 packages
🔴Vulnerability Details
5📋Vendor Advisories
1Red Hat
▶