VYPR
Moderate severityNVD Advisory· Published Jul 19, 2023· Updated Oct 17, 2024

Nomad ACL Policies without Label are Applied to Unexpected Resources

CVE-2023-3072

Description

HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/hashicorp/nomadGo
>= 0.7.0, < 1.4.111.4.11
github.com/hashicorp/nomadGo
>= 1.5.0, < 1.5.61.5.6

Affected products

3

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.