QwikSec

Security Database

CVE

CWE

Training

CVE-2022-24686

Published: Feb 14, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

HashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condition such that the Nomad client agent could download the wrong artifact into the wrong destination. Fixed in 1.0.18, 1.1.12, and 1.2.6

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://discuss.hashicorp.com

x_refsource_MISC

https://discuss.hashicorp.com/t/hcsec-2022-01-nomad-artifact-download-race-condition/35559

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20220318-0008/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.