Vulnerability Report: GO-2023-1899
- CVE-2023-1296, GHSA-hhvx-8755-4cvw
- Affects: github.com/hashicorp/nomad
- Published: Aug 20, 2024
- Unreviewed
Hashicorp Nomad ACLs Cannot Deny Access to Workload’s Own Variables in github.com/hashicorp/nomad
For detailed information about this vulnerability, visit https://github.com/advisories/GHSA-hhvx-8755-4cvw or https://nvd.nist.gov/vuln/detail/CVE-2023-1296.
Affected Modules
-
PathGo Versions
-
from v1.4.0 before v1.4.6, from v1.5.0 before v1.5.1
Aliases
References
- https://github.com/advisories/GHSA-hhvx-8755-4cvw
- https://nvd.nist.gov/vuln/detail/CVE-2023-1296
- https://discuss.hashicorp.com/t/hcsec-2023-09-nomad-acls-can-not-deny-access-to-workloads-own-variables/51390
- https://vuln.go.dev/ID/GO-2023-1899.json
Feedback
This report is unreviewed. It was automatically generated from a third-party source and its details have not been verified by the Go team.
See anything missing or incorrect?
Suggest an edit to this report.