Moderate severityNVD Advisory· Published Feb 16, 2023· Updated Mar 18, 2025
Nomad Client Vulnerable to Decompression Bombs in Artifact Block
CVE-2023-0821
Description
HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source can cause excessive disk usage. Fixed in 1.2.16, 1.3.9, and 1.4.4.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/hashicorp/nomadGo | >= 1.2.15, < 1.2.16 | 1.2.16 |
github.com/hashicorp/nomadGo | >= 1.3.0, < 1.3.9 | 1.3.9 |
github.com/hashicorp/nomadGo | >= 1.4.0, < 1.4.4 | 1.4.4 |
Affected products
3- Range: 0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.