CVE-2023-0821

Name of the Vulnerable Software and Affected Versions HashiCorp Nomad and Nomad Enterprise versions 1.2.15 through 1.3.8 HashiCorp Nomad and Nomad Enterprise version 1.4.3

Description The issue is related to excessive disk usage caused by a maliciously compressed artifact stanza source in jobs. This can lead to a denial of service. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Technical details about exploitation include the use of a maliciously compressed artifact stanza source, which can cause excessive disk usage.

Recommendations For HashiCorp Nomad and Nomad Enterprise versions 1.2.15 through 1.3.8, update to version 1.2.16 or 1.3.9. For HashiCorp Nomad and Nomad Enterprise version 1.4.3, update to version 1.4.4. As a temporary workaround, consider restricting the use of compressed artifact stanza sources in jobs to minimize the risk of exploitation.