VYPR
High severityNVD Advisory· Published Jul 23, 2024· Updated Aug 1, 2024

Nomad Vulnerable to Allocation Directory Path Escape Through Archive Unpacking

CVE-2024-6717

Description

HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is fixed in Nomad 1.6.13, 1.7.10, and 1.8.2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/hashicorp/nomadGo
< 1.8.21.8.2

Affected products

4

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.