VYPR
High severity7.5NVD Advisory· Published Feb 17, 2022· Updated Jun 17, 2026

CVE-2022-24683

CVE-2022-24683

Description

HashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec (or job-submit) capabilities to read arbitrary files on the host filesystem as root.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/hashicorp/nomadGo
>= 0.9.2, < 1.0.181.0.18
github.com/hashicorp/nomadGo
>= 1.1.0, < 1.1.121.1.12
github.com/hashicorp/nomadGo
>= 1.2.0, < 1.2.61.2.6

Affected products

2

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.