Moderate severityNVD Advisory· Published Jul 19, 2023· Updated Oct 17, 2024
Nomad ACL Policies without Label are Applied to Unexpected Resources
CVE-2023-3072
Description
HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/hashicorp/nomadGo | >= 0.7.0, < 1.4.11 | 1.4.11 |
github.com/hashicorp/nomadGo | >= 1.5.0, < 1.5.6 | 1.5.6 |
Affected products
3- Range: 0.7.0
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.